[SOLVED] Why can’t my vmbr1 VM connect to an IP other than the host?

L

luciferlu

Active Member
Apr 22, 2019
26
2
43
45
I added a 10G NIC to my system. This card is connected to a 10G switch. I bridged this card to vmbr1. The problem is, the host can ping the switch IP, but neither the virtual machine nor the container can. What settings do I need to set up so that my virtual machine can access my 10G switch?
Code: 
auto lo
iface lo inet loopback
iface eno1 inet manual
iface enp3s0f0np0 inet manual
auto vmbr0
iface vmbr0 inet static
        address 192.168.2.106/24
        gateway 192.168.2.1
        bridge-ports eno1
        bridge-stp off
        bridge-fd 0

iface vmbr0 inet6 dhcp

auto vmbr1
iface vmbr1 inet static
        address 192.168.1.198/24
        bridge-ports enp3s0f0np0
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094


Code: 
root@pve001:~# ping 192.168.1.199
PING 192.168.1.199 (192.168.1.199) 56(84) bytes of data.
64 bytes from 192.168.1.199: icmp_seq=1 ttl=64 time=0.272 ms
64 bytes from 192.168.1.199: icmp_seq=2 ttl=64 time=0.292 ms
64 bytes from 192.168.1.199: icmp_seq=3 ttl=64 time=0.256 ms
64 bytes from 192.168.1.199: icmp_seq=4 ttl=64 time=0.274 ms
[root@arch ~]# ping 192.168.1.199
PING 192.168.1.199 (192.168.1.199) 56(84) bytes of data.
From 192.168.1.45 icmp_seq=9 Destination Host Unreachable
From 192.168.1.45 icmp_seq=10 Destination Host Unreachable
From 192.168.1.45 icmp_seq=11 Destination Host Unreachable
From 192.168.1.45 icmp_seq=12 Destination Host Unreachable
From 192.168.1.45 icmp_seq=13 Destination Host Unreachable
 
Last edited:
xekhz said:
What is the output of


ip route
Click to expand...
host
Code: 
 root@pve001:~# ip route
default via 192.168.2.1 dev vmbr0
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
192.168.1.0/24 dev vmbr1 proto kernel scope link src 192.168.1.198
192.168.2.0/24 dev vmbr0 proto kernel scope link src 192.168.2.106

lcx
Code: 
[root@arch ~]# ip route
default via 192.168.2.1 dev eth0 proto static
192.168.1.0/24 dev net1 proto kernel scope link src 192.168.1.45
192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.45
 
luciferlu said:
host
Code: 
 root@pve001:~# ip route
default via 192.168.2.1 dev vmbr0
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
192.168.1.0/24 dev vmbr1 proto kernel scope link src 192.168.1.198
192.168.2.0/24 dev vmbr0 proto kernel scope link src 192.168.2.106

lcx
Code: 
[root@arch ~]# ip route
default via 192.168.2.1 dev eth0 proto static
192.168.1.0/24 dev net1 proto kernel scope link src 192.168.1.45
192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.45
Click to expand...

lcx
Code: 
[root@arch ~]# ip route
default via 192.168.2.1 dev eth0 proto static
192.168.1.0/24 dev net1 proto kernel scope link src 192.168.1.45
192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.45

in here .  192.168.1.0/24 dev net1 .. instead net1 shouldnt be vmbr1
in here .  192.168.2.0/24 dev eth0 .. instead eth0 shouldnt be vmbr0 
?????
 
xekhz said:
lcx
Code: 
[root@arch ~]# ip route
default via 192.168.2.1 dev eth0 proto static
192.168.1.0/24 dev net1 proto kernel scope link src 192.168.1.45
192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.45

in here .  192.168.1.0/24 dev net1 .. instead net1 shouldnt be vmbr1
in here .  192.168.2.0/24 dev eth0 .. instead eth0 shouldnt be vmbr0
?????
Click to expand...
Code: 
sh-5.2# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.2.45  netmask 255.255.255.0  broadcast 192.168.2.255
        inet6 fe80::48d:38ff:fe13:b719  prefixlen 64  scopeid 0x20<link>
        ether 06:8d:38:13:b7:19  txqueuelen 1000  (Ethernet)
        RX packets 454494  bytes 52133448 (49.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 59935  bytes 3288079 (3.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 105591  bytes 6183333 (5.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 105591  bytes 6183333 (5.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

net1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.45  netmask 255.255.255.0  broadcast 0.0.0.0
        inet6 fe80::4c60:d9ff:fecb:4188  prefixlen 64  scopeid 0x20<link>
        ether 4e:60:d9:cb:41:88  txqueuelen 1000  (Ethernet)
        RX packets 7886  bytes 1564588 (1.4 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 212  bytes 11882 (11.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
 
luciferlu said:
Code: 
sh-5.2# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.2.45  netmask 255.255.255.0  broadcast 192.168.2.255
        inet6 fe80::48d:38ff:fe13:b719  prefixlen 64  scopeid 0x20<link>
        ether 06:8d:38:13:b7:19  txqueuelen 1000  (Ethernet)
        RX packets 454494  bytes 52133448 (49.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 59935  bytes 3288079 (3.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 105591  bytes 6183333 (5.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 105591  bytes 6183333 (5.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

net1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.45  netmask 255.255.255.0  broadcast 0.0.0.0
        inet6 fe80::4c60:d9ff:fecb:4188  prefixlen 64  scopeid 0x20<link>
        ether 4e:60:d9:cb:41:88  txqueuelen 1000  (Ethernet)
        RX packets 7886  bytes 1564588 (1.4 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 212  bytes 11882 (11.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
Click to expand...
are they all in the same vlan ?
 
What is the ip of the switch ? 192.168.1.199

PVE
[ VMBR1 - in interface Inter_1 ] put an ip address in inter_1 192.168.1.200

VM1
bridged VMBR1 with VIRTIO

In VM1 try to ping 192.168.1.200 and 192.168.1.199
 
Last edited:
xekhz said:
What is the ip of the switch ? 192.168.1.199

PVE
[ VMBR1 - in interface Inter_1 ] put an ip address in inter_1 192.168.1.200

VM1
bridged VMBR1 with VIRTIO

In VM1 try to ping 192.168.1.200 and 192.168.1.199
Click to expand...
YES, I have tried already.
VM1 adds a virtio NIC from vmbr1.
switch: 192.168.1.199
PVE: 192.168.1.198
VM1:192.168.1.100
PVE can ping switch and VM1.
VM1 can only ping PVE.
 
luciferlu said:
YES, I have tried already.
VM1 adds a virtio NIC from vmbr1.
switch: 192.168.1.199
PVE: 192.168.1.198
VM1:192.168.1.100
PVE can ping switch and VM1.
VM1 can only ping PVE.
Click to expand...
Well that is really strange....
Netmaks /24 ?
 
check with tcpdump -ni vmbr1 icmp and tcpdump -ni enp3s0f0np0 icmp
if you see traffic whole pinging
 
  • Like
Reactions: xekhz
After changing my cx4221a to 82599ES everything goes well.
Proxmox doesnot support cx4221a very well?
Thanks everyone for helping me to solve this.
xekhz said:
I can only think of firewall blocking ...
All i see is correct..
Click to expand...

Yes all is correct except the hardware.
 
You must log in or register to reply here.
Top Bottom