Hello,
I cannot seem to get DHCP to work - looks like the packages are not forwarded - to either a VM or a container in Proxmox, using Linux Native Bridge. It does however work if I have the same configuration using OVS. Proxmox is running as an instance inside ESXi 7.0.
ESXi Config
I cannot seem to get DHCP to work - looks like the packages are not forwarded - to either a VM or a container in Proxmox, using Linux Native Bridge. It does however work if I have the same configuration using OVS. Proxmox is running as an instance inside ESXi 7.0.
ESXi Config
- Network adapters added as VMXNET3
- Hardware assisted virtualization is exposed to the guest OS
- IOMMU is exposed to the guest OS
- vSwitch Security:
- Promiscuous mode accepted
- MAC adadress changes accepted
- Forged transmits accepted
- All port groups inherit the settings from the above vSwitch
- pveversion:
[*]proxmox-ve: 6.2-1 (running kernel: 5.4.41-1-pve)
pve-manager: 6.2-6 (running version: 6.2-6/ee1d7754)
pve-kernel-5.4: 6.2-2
pve-kernel-helper: 6.2-2
pve-kernel-5.4.41-1-pve: 5.4.41-1
pve-kernel-5.4.34-1-pve: 5.4.34-2
ceph-fuse: 12.2.11+dfsg1-2.1+b1
corosync: 3.0.3-pve1
criu: 3.11-3
glusterfs-client: 5.5-3
ifupdown: residual config
ifupdown2: 3.0.0-1+pve2
ksm-control-daemon: 1.3-1
libjs-extjs: 6.0.1-10
libknet1: 1.15-pve1
libproxmox-acme-perl: 1.0.4
libpve-access-control: 6.1-1
libpve-apiclient-perl: 3.0-3
libpve-common-perl: 6.1-3
libpve-guest-common-perl: 3.0-10
libpve-http-server-perl: 3.0-5
libpve-storage-perl: 6.1-8
libqb0: 1.0.5-1
libspice-server1: 0.14.2-4~pve6+1
lvm2: 2.03.02-pve4
lxc-pve: 4.0.2-1
lxcfs: 4.0.3-pve2
novnc-pve: 1.1.0-1
openvswitch-switch: 2.12.0-1
proxmox-mini-journalreader: 1.1-1
proxmox-widget-toolkit: 2.2-7
pve-cluster: 6.1-8
pve-container: 3.1-8
pve-docs: 6.2-4
pve-edk2-firmware: 2.20200229-1
pve-firewall: 4.1-2
pve-firmware: 3.1-1
pve-ha-manager: 3.0-9
pve-i18n: 2.1-3
pve-qemu-kvm: 5.0.0-4
pve-xtermjs: 4.3.0-1
qemu-server: 6.2-3
smartmontools: 7.1-pve2
spiceterm: 3.1-1
vncterm: 1.6-1
zfsutils-linux: 0.8.4-pve1
[*]
Proxmox
- Network Config:
Code:
auto ens161
iface ens161 inet manual
ovs_type OVSPort
ovs_bridge vmbr2
auto vmbr2
iface vmbr2 inet manual
ovs_type OVSBridge
ovs_ports ens161Container
- Config:
Code:
arch: amd64
cores: 1
hostname: test2
memory: 512
net0: name=eth0,bridge=vmbr2,hwaddr=82:97:D3:68:1F:50,ip=dhcp,type=veth
ostype: ubuntu
rootfs: storage:102/vm-102-disk-0.raw,size=8G
swap: 512
unprivileged: 1
Linux Native BridgeProxmox
- Network Config:
Code:
auto ens161
iface ens161 inet manual
auto vmbr2
iface vmbr2 inet manual
bridge-ports ens161
bridge-stp off
bridge-fd 0Container
- Config:
Code:
arch: amd64
cores: 1
hostname: test2
memory: 512
net0: name=eth0,bridge=vmbr2,hwaddr=82:97:D3:68:1F:50,ip=dhcp,type=veth
ostype: ubuntu
rootfs: storage:102/vm-102-disk-0.raw,size=8G
swap: 512
unprivileged: 1
Summary- Disabled firewall on dom0 (Proxmox)
- Disabled firewall on container network
- Running the Linux Native Bridge does not allow the DHCP replies to be forwarded to the container, while running the same with OVS Bridge allows the DHCP replies to be forwared.
- From dom0 (Proxmox) I can see the following DHCP exchange:
-
Code:
23:54:02.914073 82:97:d3:68:1f:50 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 82:97:d3:6 8:1f:50, length 300 23:54:03.916669 00:0c:29:bb:77:80 > 82:97:d3:68:1f:50, ethertype IPv4 (0x0800), length 342: 192.168.XXX.XXX.67 > 192.168.XXX.XXX.68: BOOTP/DHCP, Reply, length 300 - While in the Container (in Linux Native Bridge mode) I can only see the request:
Code:21:54:02.914083 82:97:d3:68:1f:50 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 82:97:d3:68:1f:50, length 300