ebtables

Hi all, I don't understand how ebtables work on PVE firewall and I don't find good documentation about that. I've enabled firewall on my VMs and LXC containers, but it seems that it's only filtering Layer3 packets (iptables, I guess). And what I'd like to do is to filter protocols operating at...

During IP changes of multiple hosts I noticed that MAC and IP filters were no longer functional in my configuration. While trying to understand why this behavior changed from when I initially set up IP filtering I noticed that ebtables rules are no longer created when the firewall is disabled on...

Hello dear proxmox forum! TLDR: I want to allow particular MAC through mac filter rule. How I could edit ebtables rule for particular VM, so it will fit ergonomically into pve itself? I tried searching proxmox forum before creating new thread. Well.. I tried searching internet for this. But...

Hey there, on a large PVE cluster all vms are flooded with many ARP Requests. (PVE 8.1.10 / Linux 6.5.13-3-pve) tcpdump -ennqti any arp ens18 B ifindex 2 88:30:37 Request who-has <redacted> tell <router-ip>, length 46 ens18 B ifindex 2 88:30:37 Request who-has <redacted> tell <router-ip>...

Hi forum, I'm seeing a lot of ARP request packets ("who-has ... tell ...") in the guest VM, I suspect this is because of a larger VLAN and many unused IPs. Any solution to filter out the ARP broadcast packets flooding into VMs? I'm using PVE 7.4 in bridged mode. Thank you in advance.

Hi, I have an IPVS direct routing Load Ballancer VM (LB) which works only when the target Backend VM (e.g. B1) is on the same cluster node. If LB is on different node than Backend (B1), TCP connection between Client (CL) and Backend (B1) can not be established. CL sends SYN packet to LB and LB...

Good day. I have installed PROXMOX VE on Deb10 host node where has been already running and configured Firewalld & MariaDB & postfix & BIND. It is new fresh installation of PROXMOX where host is currently w no load, no traffic, yet idling. (host node is OVH KVM 2vCPU, nested virtualization...

I'm a little perplexed as to the expected behavior of disabling the firewall for troubleshooting purposes. I've left the default for the datacenter firewall as NO. And for my node the firwall was shown as on in the GUI so I toggled it to NO. Yet, if I reboot Proxmox and check the firewall status...

Hi everyone, I am running pve 5.1-42 proxmox-ve: 5.1-42 (running kernel: 4.13.16-2-pve) pve-manager: 5.1-51 (running version: 5.1-51/96be5354) pve-kernel-4.13: 5.1-44 pve-kernel-4.13.16-2-pve: 4.13.16-47 pve-kernel-4.13.16-1-pve: 4.13.16-46 pve-kernel-4.13.13-6-pve: 4.13.13-42...

Hello everybody, i really would like to deply OpenStack as LXC container but the Neutron component is not able to work because the ebtables support is missing inside the LXC or by the PVE Kernel. On the Host it self ebtables is working... So i really dont get the clue why its missing inside...