Hey all,
I'm setting up a lab with a Proxmox/Ceph 3-node cluster.
WAN is being provided by a pfSense VM on a different PVE (running multiple pfSense instances for different uses) where the rules are set to block all traffic in the lab LAN except for a specific range of management IP addresses that can access the web.
For some reason, the range of blocked IPs can still ping any system that's a part of the PVE cluster.
Any of these "blocked" VM IP addresses, along with each cluster node, is completely accessible.
This same blocked range cannot do anything else... they can't ping each other, they can't get to the web, etc.
Any reason why it does this? My best guess is the OVS Bridge requires firewall rules on the PVE node?
Thanks!