[SOLVED] Stopping a VM brings down a bridge

J

jdrews

Active Member
Jul 24, 2013
16
1
43
US
I'm noticing that when I stop a VM with a network interface tied to an internal "private sub network" it takes down the bridge as well. This means any other VMs on that network don't work either.

It doesn't matter if the VM is using a network interface with e1000 or virtio.

I'm using this method: https://pve.proxmox.com/wiki/Network_Model#Masquerading_.28NAT.29_with_iptables
I have 10+ other Proxmox hypervisors from VE3 to VE5 using this method and they work fine.

Running "service networking restart" fixes it.

Using Proxmox VE 5.1.-36.

Code: 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
8: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master vmbr0 state UP group default qlen 1000
    link/ether 00:25:90:da:7f:88 brd ff:ff:ff:ff:ff:ff
9: rename9: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 00:25:90:da:7f:89 brd ff:ff:ff:ff:ff:ff
58: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:25:90:da:7f:88 brd ff:ff:ff:ff:ff:ff
    inet 10.1.1.22/24 brd 10.1.1.255 scope global vmbr0
       valid_lft forever preferred_lft forever
    inet6 fe80::225:90ff:feda:7f88/64 scope link
       valid_lft forever preferred_lft forever
59: vmbr1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
    link/ether 36:56:e6:0f:03:ee brd ff:ff:ff:ff:ff:ff
    inet 10.10.22.1/24 brd 10.10.22.255 scope global vmbr1
       valid_lft forever preferred_lft forever
    inet6 fe80::3456:e6ff:fe0f:3ee/64 scope link
       valid_lft forever preferred_lft forever
Code: 
auto lo
iface lo inet loopback

auto vmbr0
iface vmbr0 inet static
        address 10.1.1.22
        netmask 255.255.255.0
        gateway 10.1.1.1
        bridge_ports eno1
        bridge_stp off
        bridge_fd 0

auto vmbr1
iface vmbr1 inet static
        address  10.10.22.1
        netmask  255.255.255.0
        bridge_ports none
        bridge_stp off
        bridge_fd 0
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '10.10.22.0/24' -o vmbr0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '10.10.22.0/24' -o vmbr0 -j MASQUERADE

iface rename2 inet manual
 
Last edited:
I found a solution. Instead of making another vmbr1 interface, I just gave vmbr0 two IPs, one of which is the internal VM network. Now when I stop a VM it does not take down the entire bridge.

This should suffice for our uses (software development lab usage).


Code: 
auto lo
iface lo inet loopback

auto vmbr0
iface vmbr0 inet static
        address 10.1.1.22
        netmask 255.255.255.0
        gateway 10.1.1.1
        bridge_ports eno1
        bridge_stp off
        bridge_fd 0

iface vmbr0 inet static
        address 10.10.22.1
        netmask 255.255.255.0
 
please report this as a bug, that cant be intended behaviour, nasty one
i wonder if thats jsut a local failure or indeed a bug in this kind of config, cant test it dont use prvate subs
 
could you please provide the journal from around the time you stopped the VM? I think most of us have an identical or similar setup for our virtual test and dev environments, and I have never encountered such an issue..
 
Here's /var/log/syslog during the error I noted above.

Timeline is as follows:
1. Nov 16 13:25:01 - VM 101 started
2. Nov 16 13:25:16 - VM 101 stopped
3. Bridge vmbr1 goes down immediately after vm stops
4. Nov 16 13:25:27 - User execution of "service networking restart" on the proxmox hypervisor. vmbr1 comes back up.

Code: 
Nov 16 13:22:00 hv22 systemd[1]: Starting Proxmox VE replication runner...
Nov 16 13:22:01 hv22 systemd[1]: Started Proxmox VE replication runner.
Nov 16 13:23:00 hv22 systemd[1]: Starting Proxmox VE replication runner...
Nov 16 13:23:01 hv22 systemd[1]: Started Proxmox VE replication runner.
Nov 16 13:24:00 hv22 systemd[1]: Starting Proxmox VE replication runner...
Nov 16 13:24:01 hv22 systemd[1]: Started Proxmox VE replication runner.
Nov 16 13:25:00 hv22 systemd[1]: Starting Proxmox VE replication runner...
Nov 16 13:25:01 hv22 systemd[1]: Started Proxmox VE replication runner.
Nov 16 13:25:01 hv22 pvedaemon[3524]: <jdrews@lan.local> starting task UPID:hv22:00002A6F:046F2563:5A0DD7FD:qmstart:101:jdrews@lan.local:
Nov 16 13:25:01 hv22 pvedaemon[10863]: start VM 101: UPID:hv22:00002A6F:046F2563:5A0DD7FD:qmstart:101:jdrews@lan.local:
Nov 16 13:25:01 hv22 systemd[1]: Started 101.scope.
Nov 16 13:25:01 hv22 systemd-udevd[10875]: Could not generate persistent MAC address for tap101i0: No such file or directory
Nov 16 13:25:02 hv22 kernel: [743949.738452] device tap101i0 entered promiscuous mode
Nov 16 13:25:02 hv22 kernel: [743949.749486] vmbr1: port 1(tap101i0) entered blocking state
Nov 16 13:25:02 hv22 kernel: [743949.749489] vmbr1: port 1(tap101i0) entered disabled state
Nov 16 13:25:02 hv22 kernel: [743949.749622] vmbr1: port 1(tap101i0) entered blocking state
Nov 16 13:25:02 hv22 kernel: [743949.749623] vmbr1: port 1(tap101i0) entered forwarding state
Nov 16 13:25:02 hv22 pvedaemon[3524]: <jdrews@lan.local> end task UPID:hv22:00002A6F:046F2563:5A0DD7FD:qmstart:101:jdrews@lan.local: OK
Nov 16 13:25:16 hv22 pvedaemon[10938]: stop VM 101: UPID:hv22:00002ABA:046F2B1A:5A0DD80C:qmstop:101:jdrews@lan.local:
Nov 16 13:25:16 hv22 pvedaemon[3524]: <jdrews@lan.local> starting task UPID:hv22:00002ABA:046F2B1A:5A0DD80C:qmstop:101:jdrews@lan.local:
Nov 16 13:25:16 hv22 kernel: [743964.048548] vmbr1: port 1(tap101i0) entered disabled state
Nov 16 13:25:17 hv22 pvedaemon[3524]: <jdrews@lan.local> end task UPID:hv22:00002ABA:046F2B1A:5A0DD80C:qmstop:101:jdrews@lan.local: OK
Nov 16 13:25:27 hv22 systemd[1]: Stopping Raise network interfaces...
Nov 16 13:25:27 hv22 systemd[1]: Reloading Postfix Mail Transport Agent (instance -).
Nov 16 13:25:27 hv22 postfix[10990]: Postfix is running with backwards-compatible default settings
Nov 16 13:25:27 hv22 postfix[10990]: See http://www.postfix.org/COMPATIBILITY_README.html for details
Nov 16 13:25:27 hv22 postfix[10990]: To disable backwards compatibility use "postconf compatibility_level=2" and "postfix reload"
Nov 16 13:25:27 hv22 postfix/postfix-script[10996]: refreshing the Postfix mail system
Nov 16 13:25:27 hv22 postfix/master[1471]: reload -- version 3.1.6, configuration /etc/postfix
Nov 16 13:25:27 hv22 systemd[1]: Reloaded Postfix Mail Transport Agent (instance -).
Nov 16 13:25:27 hv22 systemd[1]: Reloading Postfix Mail Transport Agent.
Nov 16 13:25:27 hv22 systemd[1]: Reloaded Postfix Mail Transport Agent.
Nov 16 13:25:27 hv22 systemd[1]: Reloading Postfix Mail Transport Agent (instance -).
Nov 16 13:25:27 hv22 postfix[11027]: Postfix is running with backwards-compatible default settings
Nov 16 13:25:27 hv22 postfix[11027]: See http://www.postfix.org/COMPATIBILITY_README.html for details
Nov 16 13:25:27 hv22 postfix[11027]: To disable backwards compatibility use "postconf compatibility_level=2" and "postfix reload"
Nov 16 13:25:27 hv22 postfix/postfix-script[11033]: refreshing the Postfix mail system
Nov 16 13:25:27 hv22 postfix/master[1471]: reload -- version 3.1.6, configuration /etc/postfix
Nov 16 13:25:27 hv22 systemd[1]: Reloaded Postfix Mail Transport Agent (instance -).
Nov 16 13:25:27 hv22 systemd[1]: Reloading Postfix Mail Transport Agent.
Nov 16 13:25:27 hv22 systemd[1]: Reloaded Postfix Mail Transport Agent.
Nov 16 13:25:27 hv22 systemd[1]: Reloading Postfix Mail Transport Agent (instance -).
Nov 16 13:25:27 hv22 postfix[11084]: Postfix is running with backwards-compatible default settings
Nov 16 13:25:27 hv22 postfix[11084]: See http://www.postfix.org/COMPATIBILITY_README.html for details
Nov 16 13:25:27 hv22 postfix[11084]: To disable backwards compatibility use "postconf compatibility_level=2" and "postfix reload"
Nov 16 13:25:27 hv22 postfix/postfix-script[11090]: refreshing the Postfix mail system
Nov 16 13:25:27 hv22 postfix/master[1471]: reload -- version 3.1.6, configuration /etc/postfix
Nov 16 13:25:27 hv22 systemd[1]: Reloaded Postfix Mail Transport Agent (instance -).
Nov 16 13:25:27 hv22 systemd[1]: Reloading Postfix Mail Transport Agent.
Nov 16 13:25:27 hv22 systemd[1]: Reloaded Postfix Mail Transport Agent.
Nov 16 13:25:27 hv22 kernel: [743974.994805] vmbr0: port 1(eno1) entered disabled state
Nov 16 13:25:27 hv22 kernel: [743975.090606] device eno1 left promiscuous mode
Nov 16 13:25:27 hv22 kernel: [743975.090632] vmbr0: port 1(eno1) entered disabled state
Nov 16 13:25:27 hv22 kernel: [743975.121478] IPv6: ADDRCONF(NETDEV_UP): eno1: link is not ready
Nov 16 13:25:27 hv22 systemd[1]: Stopped Raise network interfaces.
Nov 16 13:25:27 hv22 systemd[1]: Starting Raise network interfaces...
Nov 16 13:25:27 hv22 systemd-udevd[11152]: Could not generate persistent MAC address for vmbr0: No such file or directory
Nov 16 13:25:27 hv22 kernel: [743975.185703] vmbr0: port 1(eno1) entered blocking state
Nov 16 13:25:27 hv22 kernel: [743975.185705] vmbr0: port 1(eno1) entered disabled state
Nov 16 13:25:27 hv22 kernel: [743975.185750] device eno1 entered promiscuous mode
Nov 16 13:25:27 hv22 kernel: [743975.246167] vmbr0: port 1(eno1) entered blocking state
Nov 16 13:25:27 hv22 kernel: [743975.246169] vmbr0: port 1(eno1) entered forwarding state
Nov 16 13:25:27 hv22 ifup[11139]: Waiting for vmbr0 to get ready (MAXWAIT is 2 seconds).
Nov 16 13:25:27 hv22 systemd[1]: Reloading OpenBSD Secure Shell server.
Nov 16 13:25:27 hv22 systemd[1]: Reloaded OpenBSD Secure Shell server.
Nov 16 13:25:27 hv22 systemd[1]: Reloading Postfix Mail Transport Agent (instance -).
Nov 16 13:25:27 hv22 postfix[11236]: Postfix is running with backwards-compatible default settings
Nov 16 13:25:27 hv22 postfix[11236]: See http://www.postfix.org/COMPATIBILITY_README.html for details
Nov 16 13:25:27 hv22 postfix[11236]: To disable backwards compatibility use "postconf compatibility_level=2" and "postfix reload"
Nov 16 13:25:27 hv22 postfix/postfix-script[11242]: refreshing the Postfix mail system
Nov 16 13:25:27 hv22 postfix/master[1471]: reload -- version 3.1.6, configuration /etc/postfix
Nov 16 13:25:27 hv22 systemd[1]: Reloaded Postfix Mail Transport Agent (instance -).
Nov 16 13:25:27 hv22 systemd[1]: Reloading Postfix Mail Transport Agent.
Nov 16 13:25:27 hv22 systemd[1]: Reloaded Postfix Mail Transport Agent.
Nov 16 13:25:27 hv22 systemd-udevd[11264]: Could not generate persistent MAC address for vmbr1: No such file or directory
Nov 16 13:25:27 hv22 ifup[11139]: device eno1 is already a member of a bridge; can't enslave it to bridge vmbr1.
Nov 16 13:25:27 hv22 ifup[11139]: Waiting for vmbr1 to get ready (MAXWAIT is 2 seconds).
Nov 16 13:25:27 hv22 systemd[1]: Reloading OpenBSD Secure Shell server.
Nov 16 13:25:27 hv22 systemd[1]: Reloaded OpenBSD Secure Shell server.
Nov 16 13:25:27 hv22 systemd[1]: Reloading Postfix Mail Transport Agent (instance -).
Nov 16 13:25:27 hv22 postfix[11348]: Postfix is running with backwards-compatible default settings
Nov 16 13:25:27 hv22 postfix[11348]: See http://www.postfix.org/COMPATIBILITY_README.html for details
Nov 16 13:25:27 hv22 postfix[11348]: To disable backwards compatibility use "postconf compatibility_level=2" and "postfix reload"
Nov 16 13:25:27 hv22 postfix/postfix-script[11354]: refreshing the Postfix mail system
Nov 16 13:25:27 hv22 postfix/master[1471]: reload -- version 3.1.6, configuration /etc/postfix
Nov 16 13:25:27 hv22 systemd[1]: Reloaded Postfix Mail Transport Agent (instance -).
Nov 16 13:25:27 hv22 systemd[1]: Reloading Postfix Mail Transport Agent.
Nov 16 13:25:27 hv22 systemd[1]: Reloaded Postfix Mail Transport Agent.
Nov 16 13:25:28 hv22 systemd[1]: Reloading Postfix Mail Transport Agent (instance -).
Nov 16 13:25:28 hv22 postfix[11402]: Postfix is running with backwards-compatible default settings
Nov 16 13:25:28 hv22 postfix[11402]: See http://www.postfix.org/COMPATIBILITY_README.html for details
Nov 16 13:25:28 hv22 postfix[11402]: To disable backwards compatibility use "postconf compatibility_level=2" and "postfix reload"
Nov 16 13:25:28 hv22 postfix/postfix-script[11408]: refreshing the Postfix mail system
Nov 16 13:25:28 hv22 postfix/master[1471]: reload -- version 3.1.6, configuration /etc/postfix
Nov 16 13:25:28 hv22 systemd[1]: Reloaded Postfix Mail Transport Agent (instance -).
Nov 16 13:25:28 hv22 systemd[1]: Reloading Postfix Mail Transport Agent.
Nov 16 13:25:28 hv22 systemd[1]: Reloaded Postfix Mail Transport Agent.
Nov 16 13:25:28 hv22 systemd[1]: Started Raise network interfaces.
Nov 16 13:25:28 hv22 kernel: [743976.012441] vmbr0: port 1(eno1) entered disabled state
Nov 16 13:25:31 hv22 kernel: [743979.260756] igb 0000:06:00.0 eno1: igb: eno1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
Nov 16 13:25:31 hv22 kernel: [743979.260871] vmbr0: port 1(eno1) entered blocking state
Nov 16 13:25:31 hv22 kernel: [743979.260873] vmbr0: port 1(eno1) entered forwarding state
 
the bridge should only go down if there is no active port any more (and then it will automatically go up again if a port becomes active)..
 
  • Like
Reactions: Dersonmanhique
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back