Strange network error - host is "LAN only"

S

shamael

New Member
Aug 7, 2009
9
0
1
[SOLVED] Strange network error - host is "LAN only"

Hallo, I am experiencing a very strange network error and I have no idea what to check next.
My proxmox server sits behind a pfsense firewall. The problem is basically that on the host LAN works but WAN doesn't: I ping and ssh to other LAN machines (including guests) and all is well, but as soon I ping an outside machine or try to apt-get I get timeouts.
The strange thing is that guests work correctly.
At first I thought it was the firewall and some NATting error but it isn't, in fact when I try a tcpdump on the server interface I see pings and connections correctly coming back from the internet.
The issue came out after upgrading to 1.6 (all had been well in previous versions), although I am not too sure the two things are connected. I have not made changes to the network configuration after upgrading.
 
Last edited:
pls post the output of 'pveversion -v', make sure you use the very latest packages and test again.
 
At the time of the first posting I had:

pve-manager: 1.6-2 (pve-manager/1.6/5087)
running kernel: 2.6.32-3-pve
proxmox-ve-2.6.32: 1.6-13
pve-kernel-2.6.32-3-pve: 2.6.32-13
pve-kernel-2.6.24-7-pve: 2.6.24-11
qemu-server: 1.1-18
pve-firmware: 1.0-7
libpve-storage-perl: 1.0-13
vncterm: 0.9-2
vzctl: 3.0.24-1pve4
vzdump: 1.2-7
vzprocps: 2.0.11-1dso2
vzquota: 3.0.11-1
pve-qemu-kvm: 0.12.5-1
ksm-control-daemon: 1.0-4


I've now updated manually (downloading the packages from another system) and I should now be up to the latest versions. This is the output now:

pve-manager: 1.6-2 (pve-manager/1.6/5087)
running kernel: 2.6.32-4-pve
proxmox-ve-2.6.32: 1.6-19
pve-kernel-2.6.32-3-pve: 2.6.32-13
pve-kernel-2.6.32-4-pve: 2.6.32-19
pve-kernel-2.6.24-7-pve: 2.6.24-11
qemu-server: 1.1-18
pve-firmware: 1.0-8
libpve-storage-perl: 1.0-14
vncterm: 0.9-2
vzctl: 3.0.24-1pve4
vzdump: 1.2-7
vzprocps: 2.0.11-1dso2
vzquota: 3.0.11-1
pve-qemu-kvm: 0.12.5-1
ksm-control-daemon: 1.0-4

Unfortunately, the problem remains... :(

I've also tried disabling ipv6 but it didn't help.

Thanks!
 
shamael said:
I ping and ssh to other LAN machines (including guests) and all is well, but as soon I ping an outside machine or try to apt-get I get timeouts.
The strange thing is that guests work correctly.
Click to expand...

What is the output of "netstat -nr" on the host and on one of the guests where it is working?
 
Ah you tipped me in the right direction! I had two bridges up from an old configuration; when I disabled the one I wasn't using, I gained back normal connectivity. I don't know why upgrading to 1.6 exposed this issue, though, nor whether I would face this problem again if I had to create a second bridge.
 
You must log in or register to reply here.
Top Bottom