UEFI PXE Boot Issues After Upgrading from Proxmox VE 8.3.4 to 8.3.5

[hd--]

About SDN.

I've two guest Proxmox VMs running on my main host. The guest Proxmox VMs get their IPs correctly from the same DHCP as main host. So, maybe it's ok the SDN and the error comes from elsewhere.

However, I cannot start any VMs inside these guest Proxmox instances. It seems to be failing due to a dnsmasq error.

org.freedesktop.DBus.Error.ServiceUnknown: The name uk.org.thekelleys.dnsmasq.Beta was not provided by any .service files
kvm: -netdev type=tap,id=net0,ifname=tap102i0,script=/var/lib/qemu-server/pve-bridge,downscript=/var/lib/qemu-server/pve-bridgedown,vhost=on: network script /var/lib/qemu-server/pve-bridge failed with status 2816
TASK ERROR: start failed: QEMU exited with code 1

Okay just to make sure:
Is your main host also a Proxmox VE Node and we're talking about nested virtualization?
Have you configured the SDN DHCP feature in your Proxmox VE guests, so that their guests get IP addresses from them?
If I have misunderstood your setup, please elaborate.

Can you please share the dnsmasq error message with us?

 

[finsel]

Okay just to make sure:
Is your main host also a Proxmox VE Node and we're talking about nested virtualization?
Have you configured the SDN DHCP feature in your Proxmox VE guests, so that their guests get IP addresses from them?
If I have misunderstood your setup, please elaborate.

Can you please share the dnsmasq error message with us?

Yes, that's correct. Main host is a Proxmox VE Node with two Proxmox VM with nested virtualization.

Nevermind @hd-- , I've recreated the SDN within Proxmox VM and it's working ok I've modified title thread.

About UEFI boot, the issue appeared immediately after updating only pve-edk2-firmware-ovmf and its direct dependencies (pve-edk2-firmware, pve-edk2-firmware-legacy). I don't know if VirtIO RNG it's related to them.

 

[ctssean]

https://lore.proxmox.com/pve-devel/20250218111102.40055-1-f.schauer@proxmox.com/ should make that easier!

would be nice to have a warning or notification stating that the Virt RNG is missing is ‘netX’ is included in the boot order and the VM is set to UEFI.

 

[bcurran3]

...and here I thought it was just me.

Holy... It works when I add a VirtIO RNG! Why?!

Me too!

(I've been running PVE for almost two weeks, haven't a clue what VirIO RNG even is yet.)

because EDKII implemented a security hardening measure that means network booting requires a source of entropy, if none is found network booting is disabled.

I have no idea what that means, but thank you for the explanation!

 

[dekart811]

I can also confirm that you'll get the PXE option back without having an RNG device if there's no EFI disk present at all.
Just remove your EFI disk and the option will be back, this makes the so called "hardening" measure even more nonsense to me.

 

[fabian]

that will disable secureboot, which is the precondition for a lot of those hardening measures.

 

[dekart811]

that will disable secureboot, which is the precondition for a lot of those hardening measures.

I know, but even if you have an EFI disk present which doesn't have secureboot enabled, the PXE option is still gone.