Bridge NIC Passthrough for use in LXC

D

Dilnane

Member
Aug 17, 2021
8
0
6
27
Hi to all,
After struggling with briding WAN/LAN in pfsense/OPNSense VM I decided to use NIC passthrough for my LAN interface.
I had heavy packet loss when using bridge LAN interface in pfsense/OPNsense, this topic on reddit gave me hints and I had no more issues after using NIC passthrough for LAN: https://www.reddit.com/r/PFSENSE/comments/12jhb9x/pfsense_vm_on_proxmox_high_packet_loss_and_high/

Anyway after this small explanation about why do I use NIC passthrough instead bridge, I would like to know how to use this LAN interface in my LXC containers.
Here is the conf on my PVE:
pve_interface_bis.png

When using vmbr0 (enp4s0 bridge) as WAN and vmbr10 (enp6s0 bridge) as LAN, that's where I have huge packet loss on OPNSense on my LAN interface.
So I used NIC passtrough for LAN, here my conf for my OPNSense qemu:
OPNSense_interface_bis.png
Code: 
*** OPNsense.localdomain: OPNsense 23.1 ***

 LAN (igc0)      -> v4: 192.168.10.112/24
 WAN (vtnet0)    -> v4: 192.168.1.112/24
                    v6: 2a01:cb05:8b69:df00:2cf6:7fff:feb4:12c2/64

The PCI device 0000:06:00.0 (igc0 in OPNSense) corresponds to interface enp6s0 as you can confirm here on my PVE:
Code: 
root@pve:~# lshw -c network -businfo
Bus info          Device       Class          Description
=========================================================
pci@0000:04:00.0  enp4s0       network        Intel Corporation
pci@0000:06:00.0  enp6s0       network        Intel Corporation
                  vmbr0        network        Ethernet interface
                  vmbr10       network        Ethernet interface

When I'm adding vmbr10 (enp6s0 bridge) to LXC container:
node_interface_bis.png

I can't reach my OPNSense:
Code: 
root@bionic:~# ping -c 4 192.168.10.112
PING 192.168.10.112 (192.168.10.112) 56(84) bytes of data.
From 192.168.10.3 icmp_seq=1 Destination Host Unreachable
From 192.168.10.3 icmp_seq=2 Destination Host Unreachable
From 192.168.10.3 icmp_seq=3 Destination Host Unreachable
From 192.168.10.3 icmp_seq=4 Destination Host Unreachable

--- 192.168.10.112 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3078ms

Can you please explain me why and how can I attach an interface on my LXC to reach my NIC passtrough that I linked to my OPNsense VM ?
Thanks


EDIT:
I understood that when I passthrough NIC to my OPNSense and VM is up and running, it removes NIC from PVE:
Code: 
root@pve:~# lshw -c network -businfo
Bus info          Device     Class          Description
=======================================================
pci@0000:04:00.0  enp4s0     network        Intel Corporation
                  vmbr0      network        Ethernet interface
                  vmbr10     network        Ethernet interface

Then my vmbr10 is bridged to a non-exiting interface. Explaining why vmbr10 can't access interface, it's because it's non existent anymore...
Question is still there, is there a way to communicate from my LXC with this passthrough NIC attached to my OPNSense ?
 
Last edited:
if u passthrough a pci device u can not use it additionally as bridged port.
 
Understood that's what I realized further.
So if I'm using passthrough for LAN interface on a virtual pfsense the only use would be via the physical port ?

I won't be able to use it at all elsewhere with Proxmox (CT/VM) because I can't create any bridge on it if I'm right.
 
floh8 said:
inside the vm, yes
Click to expand...
To be clear, if I'm doing passthrough of an ethernet interface to my Virtual VM pfSense, I won't be able to use this interface ANYWHERE else on my HV except inside virtual VM PfSense ?

But I will still be able to use the physical ethernet interface by connecting myself to this port with ethernet cable correct ?
 
to connect to your pfsense? do u have no switch?
but yes u can do this.
 
Yes that's the idea, I have switch sure. I can connect switch to ethernet interface and my laptop to switch also it was just to take an easy example ;)
Perfect thanks, question answered.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back