Search results

  1. V

    OVS intport - You can't ping me unless I ping you first

    Bump, does anyone know how I should go about troubleshooting this? I noticed that the ovsintport IP becomes inaccessible once again (no ARP) after rebooting the host
  2. V

    OVS intport - You can't ping me unless I ping you first

    This is the strangest networking problem I've had in a long time. I have a single host with an OVS bridge and a couple of interfaces, one 10G, one 1G. I had a single IP bound directly to the bridge. This problem started after I deleted that IP and created a new IP with a different subnet on an...
  3. V

    Restrict Guest VM 802.1q tagging

    Ah okay you're right. If a VLAN ID is defined in the Proxmox UI it behaves as an "access" interface and only untagged traffic belonging to that VLAN ID will be allowed. I really wasn't expecting the lack of a defined VLAN for a guest to behave as an unpruned trunk port. If any devs are...
  4. V

    Restrict Guest VM 802.1q tagging

    I'll do some testing in my lab this morning to confirm one way or the other. Thinking back I may have been testing with an interface that didn't have a VLAN defined in the Proxmox UI.
  5. V

    Restrict Guest VM 802.1q tagging

    Even if I define a VLAN on an interface via the UI, I can still create VLAN interfaces on the guest and Proxmox/OVS will allow it
  6. V

    Restrict Guest VM 802.1q tagging

    I haven't tried that, but I don't use the default VLAN. The whole point is to use multiple VLANs and prevent untrusted VMs from being able to cross VM boundaries. This is the default behavior on VMware and I'm looking to replicate it here with OVS
  7. V

    Restrict Guest VM 802.1q tagging

    Bump. Anyone have an answer for this? Is this not possible? In its current state, it would appear that a compromised VM could participate in any VLAN it likes. This is a pretty big security problem.
  8. V

    Restrict Guest VM 802.1q tagging

    I'm using OVS and discovered that if I create a VLAN interface on a guest VM, the OVS bridge will allow it. I want to prevent this and only allow untagged traffic to and from the VM. How would I go about doing this?
  9. V

    Proxmox Containers - AD Authentication and Mount Points

    Yea I was going to start looking into that next, I was assuming I'd be able to assign UNIX permissions to the files that Plex handles via inheritance from the parent directory. Would that work for Plex? Is there no way to have the Plex service run under a service account? I was able to use a...
  10. V

    Proxmox Scale Down - Edge Computing for VNFs

    Thanks, yea I want to run a couple VNFs on the same box. Sounds like I'll need 8GB.
  11. V

    Proxmox Containers - AD Authentication and Mount Points

    Hey guys, I'm looking for feedback on a setup I've been working on. I have a Proxmox host running a domain-joined samba server on bare metal. I have the acl_xattr:ignore system acls = yes flag set on each of my shares. This all works to my liking. I'm able to create users in AD and use Windows...
  12. V

    Proxmox Scale Down - Edge Computing for VNFs

    I'm working on a side project of looking into a mini edge hypervisor that can run some small lightweight edge VMs and containers, like PFSense and the like. The hardware I have in mind is something along the lines of an Intel NUC or a Protectli Vault. I'd like to run the system with 4GB of RAM...
  13. V

    Cloud-init Sanity Check

    Disregard, I had the default CPU type set of kvm64, which was unsupported by the appliance. Switching to Host solved the problem.
  14. V

    Cloud-init Sanity Check

    I'm trying to activate a virtual VeloCloud Edge appliance on Proxmox VE. VeloCloud recently switched to a model where there is no longer a default password that you can use to log into the VM, instead you have to use cloud-init to set the password for you. I've been having trouble getting...
  15. V

    Apply 802.1p CoS Value - Linux Bridge

    Oh excellent, I think I'll give OVS another try. Thanks for pointing this out.
  16. V

    Apply 802.1p CoS Value - Linux Bridge

    Thanks for the reply, unfortunately I couldn't get this to work with my virtual firewall. It's a Fortigate, and while I can set 802.1p for traffic that flows through firewall policies, it doesn't apply to kernel originated traffic like IPsec. If this isn't supported and not recommended by you...
  17. V

    Apply 802.1p CoS Value - Linux Bridge

    Is it possible to have a Linux bridge apply an 802.1p header to packets when it's applying the 802.1q header? I have a virtual firewall running on Proxmox VE and my ISP requires an 802.1p value of 3 and an 802.1q value of 2 to work properly. Right now I have to use a dedicated Linux bridge, tied...
  18. V

    Backup PVE root (ZFS)?

    Yea of course. What directory would I specify to back up? I'm a little fuzzy on what, if any, directories I need to specify to exclude. The way ZFS mounts everything on boot is a little abstract for my knowledge level at the moment.
  19. V

    Backup PVE root (ZFS)?

    This may be a noob question, but is it possible to back up the root of a PVE server (root is on ZFS)? Would that even be a good idea? Could such a backup even be restored properly? The only reason I ask is that I host file shares from a bare metal PVE server (separate zpool) and would like to...