Hi,
We have an issue with IP fragmentation not working.
We're not exactly sure where the problem lies but it definitely seems to be related to Proxmox (not affecting VMs on SmartOS at all - connected to the same switches etc).
Basically, our setup is as follows:
1. Running PVE 6.1 with all updates installed and running (except for latest kernel):
pve-manager/6.2-4/9824574a (running kernel: 5.3.13-1-pve)
2. 12-node cluster with firewall/ebtables enabled - cluster > host > VM (icmp traffic allowed)
3. We CAN ping with large (2000byte) packets between VMs on the SAME host (ON THE SAME VLAN), but we are unable to do so between VMs on DIFFERENT hosts but also on the SAME VLAN
4. We also cannot ping those VMs on the Proxmox hosts with large packets from the Internet (standard 56byte packets work fine).
We have a suspicion that this is related to iptables on PVE dropping fragmented datagrams, but we're not sure at which layer (i.e. CLUSTER vs HOST vs VM) nor how to fix it?
Any ideas?
Kind regards,
Angelo.
We have an issue with IP fragmentation not working.
We're not exactly sure where the problem lies but it definitely seems to be related to Proxmox (not affecting VMs on SmartOS at all - connected to the same switches etc).
Basically, our setup is as follows:
1. Running PVE 6.1 with all updates installed and running (except for latest kernel):
pve-manager/6.2-4/9824574a (running kernel: 5.3.13-1-pve)
2. 12-node cluster with firewall/ebtables enabled - cluster > host > VM (icmp traffic allowed)
3. We CAN ping with large (2000byte) packets between VMs on the SAME host (ON THE SAME VLAN), but we are unable to do so between VMs on DIFFERENT hosts but also on the SAME VLAN
4. We also cannot ping those VMs on the Proxmox hosts with large packets from the Internet (standard 56byte packets work fine).
We have a suspicion that this is related to iptables on PVE dropping fragmented datagrams, but we're not sure at which layer (i.e. CLUSTER vs HOST vs VM) nor how to fix it?
Any ideas?
Kind regards,
Angelo.
Last edited:
