Connection blocked between some VMs for no apparent reason

[jurski_eu]

Hi,

All of a sudden, I have issues when connecting from some VMs to other VMs e.g. on an arbitrary port 1234 or on a regular HTTP 80. Firewall is disabled on Cluster level, on node level and on VMs level. I have also stopped on the node via systemctl all firewall services: proxmox-firewall.service and pve-firewall.service. In both firewall and systemlogs there are no hints whatsoever what would happen. All VMs are connected via default bridge vmbr0. Sometimes restarting the host helps and VMs can connect again..

root@pve:~# pveversion --verbose
proxmox-ve: 8.2.0 (running kernel: 6.8.8-1-pve)
pve-manager: 8.2.4 (running version: 8.2.4/faa83925c9641325)
proxmox-kernel-helper: 8.1.0
pve-kernel-5.15: 7.4-12
proxmox-kernel-6.8: 6.8.8-1
proxmox-kernel-6.8.8-1-pve-signed: 6.8.8-1
proxmox-kernel-6.8.4-3-pve-signed: 6.8.4-3
pve-kernel-5.15.149-1-pve: 5.15.149-1
pve-kernel-5.15.108-1-pve: 5.15.108-2
pve-kernel-5.15.104-1-pve: 5.15.104-2
pve-kernel-5.15.102-1-pve: 5.15.102-1
ceph-fuse: 16.2.11+ds-2
corosync: 3.1.7-pve3
criu: 3.17.1-2
glusterfs-client: 10.3-5
ifupdown2: 3.2.0-1+pmx8
ksm-control-daemon: 1.5-1
libjs-extjs: 7.0.0-4
libknet1: 1.28-pve1
libproxmox-acme-perl: 1.5.1
libproxmox-backup-qemu0: 1.4.1
libproxmox-rs-perl: 0.3.3
libpve-access-control: 8.1.4
libpve-apiclient-perl: 3.3.2
libpve-cluster-api-perl: 8.0.7
libpve-cluster-perl: 8.0.7
libpve-common-perl: 8.2.1
libpve-guest-common-perl: 5.1.3
libpve-http-server-perl: 5.1.0
libpve-network-perl: 0.9.8
libpve-rs-perl: 0.8.9
libpve-storage-perl: 8.2.2
libspice-server1: 0.15.1-1
lvm2: 2.03.16-2
lxc-pve: 6.0.0-1
lxcfs: 6.0.0-pve2
novnc-pve: 1.4.0-3
proxmox-backup-client: 3.2.4-1
proxmox-backup-file-restore: 3.2.4-1
proxmox-firewall: 0.4.2
proxmox-kernel-helper: 8.1.0
proxmox-mail-forward: 0.2.3
proxmox-mini-journalreader: 1.4.0
proxmox-widget-toolkit: 4.2.3
pve-cluster: 8.0.7
pve-container: 5.1.12
pve-docs: 8.2.2
pve-edk2-firmware: 4.2023.08-4
pve-esxi-import-tools: 0.7.1
pve-firewall: 5.0.7
pve-firmware: 3.12-1
pve-ha-manager: 4.0.5
pve-i18n: 3.2.2
pve-qemu-kvm: 8.1.5-6
pve-xtermjs: 5.3.0-3
qemu-server: 8.2.1
smartmontools: 7.3-pve1
spiceterm: 3.3.0
swtpm: 0.8.0+pve1
vncterm: 1.8.0
zfsutils-linux: 2.2.4-pve1

 

[Moayad]

I would check the tcpdump to see what happened, plus if you provide us with the VM config and the network configuration will help us to see if there is any issue or misconfiguration in your network config.

 

[jurski_eu]

Thanks for reaching back. I have also tested and checked with tcpdump the source host, the destination host and the proxmox host itself but there was no indication whatsoever where the connection has been blocked - only on the source host there was information about outgoing connection but nowhere info where this connection goes and terminates.
Since I need a stable virtualization product I have currently switched to XCP-ng for testing and evaluation. I am currently testing different solutions and alternatives for VMware ESXi.

[EDIT]
There were no changes to the network configuration before it happened - as I have written, it came up all of sudden without any logical explanation.