I have 2 VMs with a Tomcat service with the following net config:
vm1:
IPADDR=192.168.0.21/24
GATEWAY=192.168.0.10
vm2:
IPADDR=192.168.0.22/24
GATEWAY=192.168.0.10
and the vmbr1 is a simple Bridge ( from here: https://pve.proxmox.com/wiki/Network_Configuration )
$ cat /etc/network/interfaces
...................
auto vmbr1
iface vmbr1 inet static
address 192.168.0.10
netmask 24
gateway 192.168.0.1
bridge-ports eno2
bridge-stp off
bridge-fd 0
...................
I can ping and ssh between those 2 VMs.
All firewall options from the admin dashboard are disabled and all iptables rules are flushed:
$ iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
I can see the tomcat service available from the local machine on port 8080:
$ ss -nutlp
tcp LISTEN 0 100 0.0.0.0:8080 0.0.0.0:* users("java",pid=824,fd=49))
and nmap is showing the same if I run on local machine
$ nmap 127.0.0.1 -p 8080
...........................................
PORT STATE SERVICE
8080/tcp open http-proxy
and I can
$ curl 192.168.0.4:8080/app/healtcheck
outside the proxmox cluster
and I can ping and ssh from outside the proxmox cluster on vm1 or vm2 ( through local network )
The problem:
when I try to reach vm1 or vm2 machine on port 8080 I got the following:
$ nmap 192.168.0.22 -p 8080
...........................................
PORT STATE SERVICE
8080/tcp filtered http-proxy
and for curl I got this response:
$ curl 192.168.0.22:8080/app/healtcheck
curl: (7) Failed to connect to 192.168.0.22 port 8080: No route to host
I have no idea why
Solution:
After 2 days I found "firewall-cmd" rather than "iptables"; now it's working.
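An added example, not part of the original post: a check that lists TCP ports which are listening on a non-loopback address but are not opened in firewalld, the mismatch that matches the symptoms above (ssh reachable, 8080 filtered). It assumes firewalld is running inside the guest and that the default zone applies to the interface; the function names and the sample input are constructed for illustration, and rich rules are not evaluated.

```shell
#!/usr/bin/env bash
# Constructed sample modelled on the post: Tomcat on 8080, sshd on 22, a
# loopback-only listener, and a zone that allows only 22/tcp.
SAMPLE_SS='LISTEN 0 100 0.0.0.0:8080 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 100 127.0.0.1:25 0.0.0.0:*'
SAMPLE_ALLOWED='22/tcp'

# Read `ss -Htln` output on stdin; print PORT/tcp for non-loopback listeners.
listening_ports() {
    awk '{ host = $4; sub(/:[^:]*$/, "", host)   # $4 is Local Address:Port
           port = $4; sub(/.*:/, "", port)
           if (host ~ /^127\./ || host == "[::1]") next
           print port "/tcp" }' | sort -u
}

# is_allowed PORT/tcp "ALLOWED": entries look like 8080/tcp or 8000-8100/tcp.
is_allowed() {
    local want=${1%/tcp} a lo hi
    for a in $2; do
        [ "${a#*/}" = tcp ] || continue
        a=${a%/tcp}; lo=${a%-*}; hi=${a#*-}
        [ "$want" -ge "$lo" ] && [ "$want" -le "$hi" ] && return 0
    done
    return 1
}

# unopened_ports "LISTENING" "ALLOWED": print listeners with no matching entry.
unopened_ports() {
    local p
    for p in $1; do
        is_allowed "$p" "$2" || echo "$p"
    done
}

# Ports opened in the default zone, directly or through a named service.
allowed_ports() {
    local s
    firewall-cmd --list-ports
    for s in $(firewall-cmd --list-services); do
        firewall-cmd --info-service="$s" | awk '$1 == "ports:" { $1 = ""; print }'
    done
}

if [ "${1:-}" = "--live" ]; then
    unopened_ports "$(ss -Htln | listening_ports)" "$(allowed_ports)"
else
    unopened_ports "$(printf '%s\n' "$SAMPLE_SS" | listening_ports)" "$SAMPLE_ALLOWED"
fi
```

Run it with `--live` as root on the guest; a port it reports can be opened with `firewall-cmd --permanent --add-port=8080/tcp` followed by `firewall-cmd --reload`.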