After an hour's debugging, I draw the conclusion that it's a bug in PVE Firewall. I've submitted it as #4983.
To whoever stumbling upon this issue, go add nf_conntrack_allow_invalid: 1 to your host firewall config. This is the best workaround available at the moment.
The reason why the RST...
Worked out the ACK number issue: By default tcpdump prints sequence numbers relative to previous packets. Adding -S to tcpdump options shows the correct numbers. Nothing wrong on this side.
Still wondering what's wrong with conntrack INVALID state.
I'm running into exactly the same issue as #56300. The previous thread was old and I have more details on that, so I thought I'd just open a new thread.
PVE version is almost up-to-date: proxmox-ve: 8.0.2 (running kernel: 6.2.16-6-pve)
VM → Firewall → Options → Firewall = No: No effect
VM →...
Unfortunately no. Since Proxmox VE is Debian under the hood, some level of familiarity with Linux CLI is required. Basic tasks like text editing shouldn't be too hard if you follow some tutorials online. Good luck on your learning.
Correct.
Normally you just create another dataset for your VM/CT, like z-media/ampache2. If you really need the exact name, there's zfs rename to the rescue.
In the zfs list output, if the mountpoint is a single dash, it's a ZVOL (obviously cannot be mounted by ZFS). If it's anything else...
TASK ERROR: unable to parse zfs volume name 'ampache'
Your ZFS volume z-media/ampache is a dataset, not a ZVOL volume that PVE is expecting. You should give it a ZVOL to work with, like zfs create -s -V 64G z-media/ampache.
For the extra disk, it's because PVE scans the given storage source...
1. ZFS keeps a record of which host OS last imported an array. If the array imports properly on the host but not the VM, try exporting it from the host first. You may also try zfs import -f in case of emergency but otherwise not recommended.
2. If the ZFS pool imports well, you can edit...
First, thanks to Proxmox GmbH for developing this wonderful open-source virtualization solution. I know of multiple universities and non-profits providing mirror for Proxmox repositories, and we're currently using lftp(1) to sync content via HTTP, which frequently causes de-sync. If Proxmox...
I can confirm pve-kernel-5.13.19-5-pve version 5.13.19-13 is having a good term with Windows KVM, including PCI passthrough (vfio-pci). Host is HP DL380 Gen 10 with Intel Xeon Scalable processors (Skylake). Thank you for the quick response.
@avladulescu For the time being we did put pve-qemu-kvm on hold. When we found that 9 KB MTU solved the issue for us, we released the hold and followed the latest versions. We've been running fine since.
@benh7 Glad that I could help.
@avladulescu @benh7 Strangely enough, our issues were gone after enabling jumbo frame (9000 bytes MTU) on the management network where the problematic NIC is connected. You might want to give this a try unless you have incompatible devices.
We were able to bisect the cause to QEMU 6.0 adding...
At grub screen, you can press e to edit grub configuration before booting. At that point, you can remove quiet from the kernel command line and then boot. There should be more output available, usually enough for you to locate the issue, like missing files or initramfs modules.
Alternatively...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.