Good evening,
i've created an internal Network on host, and give each VM an additional internal IP.
The Setup is like follow:
node1 (enp0s31f6 + vmbr0 + vmbr1[internal])
|+ vms1 (vmbr0 + vmbr1)
|+ vms2 (vmbr0 + vmbr1)
|+ vms3 (vmbr0 + vmbr1)
I have on vms1 an active LDAP Server. On vms3 i have some Software theyre using LDAP Authentifcation and connect over the internal IP-Address. But this does not work.
If i ping from vms3 this is the result:
root@vms3 ~ # ping 10.10.10.11
PING 10.10.10.11 (10.10.10.11) 56(84) bytes of data.
^C
--- 10.10.10.11 ping statistics ---
10 packets transmitted, 0 received, 100% packet loss, time 9197ms
if i run the same command from PVEmaster (node1), it work:
root@node1 ~ # ping 10.10.10.11
PING 10.10.10.11 (10.10.10.11) 56(84) bytes of data.
64 bytes from 10.10.10.11: icmp_seq=1 ttl=64 time=0.200 ms
BUT, if i ping over the public IP from vms1, and run after the same ping command to internal network, it work for about 5 minutes.
root@vms3 / # ping 10.10.10.11
PING 10.10.10.11 (10.10.10.11) 56(84) bytes of data.
64 bytes from 10.10.10.11: icmp_seq=1 ttl=64 time=0.185 ms
64 bytes from 10.10.10.11: icmp_seq=2 ttl=64 time=0.377 ms
Where is my mistake?
i've enclosed my network configuration and hosts configuration:
host1 (proxmox Node):
Example VMS Network: vmbr1 on each host the same, except changed IP
/etc/hosts from vms3
i've created an internal Network on host, and give each VM an additional internal IP.
The Setup is like follow:
node1 (enp0s31f6 + vmbr0 + vmbr1[internal])
|+ vms1 (vmbr0 + vmbr1)
|+ vms2 (vmbr0 + vmbr1)
|+ vms3 (vmbr0 + vmbr1)
I have on vms1 an active LDAP Server. On vms3 i have some Software theyre using LDAP Authentifcation and connect over the internal IP-Address. But this does not work.
If i ping from vms3 this is the result:
root@vms3 ~ # ping 10.10.10.11
PING 10.10.10.11 (10.10.10.11) 56(84) bytes of data.
^C
--- 10.10.10.11 ping statistics ---
10 packets transmitted, 0 received, 100% packet loss, time 9197ms
if i run the same command from PVEmaster (node1), it work:
root@node1 ~ # ping 10.10.10.11
PING 10.10.10.11 (10.10.10.11) 56(84) bytes of data.
64 bytes from 10.10.10.11: icmp_seq=1 ttl=64 time=0.200 ms
BUT, if i ping over the public IP from vms1, and run after the same ping command to internal network, it work for about 5 minutes.
root@vms3 / # ping 10.10.10.11
PING 10.10.10.11 (10.10.10.11) 56(84) bytes of data.
64 bytes from 10.10.10.11: icmp_seq=1 ttl=64 time=0.185 ms
64 bytes from 10.10.10.11: icmp_seq=2 ttl=64 time=0.377 ms
Where is my mistake?
i've enclosed my network configuration and hosts configuration:
host1 (proxmox Node):
Code:
auto lo
iface lo inet loopback
iface lo inet6 loopback
auto enp0s31f6
iface enp0s31f6 inet static
address xx.xx.xx.xx
netmask 255.255.255.192
gateway xx.xx.xx.xx
up route add -net xx.xx.xx.xx netmask 255.255.255.192 gw xx.xx.xx.xx dev enp0s31f6
auto vmbr0
iface vmbr0 inet static
address xx.xx.xx.xx
netmask 255.255.255.255
bridge_ports none
bridge stp off
bridge_fd 0
up ip route add xx/32 dev vmbr0
up ip route add xx/32 dev vmbr0
up ip route add xx/32 dev vmbr0
up ip route add xx/32 dev vmbr0
up ip route add xx/32 dev vmbr0
up ip route add xx/32 dev vmbr0
auto vmbr1
iface vmbr1 inet static
address 10.10.10.10
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o enp0s31f6 -j MASQUERADE
post-down iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o enp0s31f6 -j MASQUERADEExample VMS Network: vmbr1 on each host the same, except changed IP
Code:
auto lo
iface lo inet loopback
auto ens18
iface ens18 inet static
address xx.xx.xx.xx
netmask 255.255.255.255
pointopoint xx.xx.xx.xx
gateway xx.xx.xx.xx
auto ens19
iface ens19 inet static
address 10.10.10.11
netmask 255.255.255.0
pointopoint 10.10.10.10
gateway 10.10.10.10/etc/hosts from vms3
Code:
127.0.0.1 localhost
127.0.1.1 vms1 vs1.xx.xx
xx.xx.xx.xx vms1 vs1.xx.xx
10.10.10.10 node1.xx.xx node1
10.10.10.11 vms1.xx.xx vms1
10.10.10.12 vms2.xx.xx vms2