[SOLVED] LXC interfaces down when VLAN tagging

rootless

Hi

I am facing the following challenge and have not been able to solve the problem:

When I tag the network interface of an LXC with a VLAN (2010), it has no connectivity and I do not see its MAC address on L2. If I tag a VM to the same VLAN, I have connectivity. When I connect to the LXC, the interface has the status DOWN:

Code:
eth0@if21: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether aa:aa:aa:22:22:22 brd ff:ff:ff:ff:ff:ff link-netnsid 0

I'm not sure where the problem lies. I have already switched from OVS to Linux Bridges and spent hours on this issue. Inside the LXC (Ubuntu for testing), I miss the usual logs and debugging tools, so I'm not getting any further here.

My network configuration looks like this.

PVE:

Code:
[...]
iface enp2s0f0np0 inet manual

auto vmbr0
iface vmbr0 inet manual
    bridge-ports enp2s0f0np0
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    bridge-vids 2000-2999
[...]

LXC with pct conf 888:

Code:
arch: amd64
cores: 1
hostname: test
memory: 1024
net0: name=eth0,bridge=vmbr0,gw=10.10.10.1,hwaddr=AA:AA:AA:22:22:22,ip=10.10.10.88/24,tag=2010,type=veth
ostype: ubuntu
rootfs: local-zfs:subvol-888-disk-0,size=8G
swap: 1024
unprivileged: 1

The gateway in this example is an OPNsense firewall. However, two LXC with identical configurations in the same subnet (VID) are not visible to each other. If I attach a VM in the same subnet (VID), I do have connectivity and can reach the gateway. The LXC remain unreachable, even for the VM.

I think the problem is with the LXC interface, which is not starting. But I don't understand why.

Are there any useful logs in LXC or does anyone have an idea what might be causing this?

Some general information:

Code:
proxmox-ve: 8.3.0 (running kernel: 6.8.12-8-pve)
pve-manager: 8.3.4 (running version: 8.3.4/65224a0f9cd294a3)
proxmox-kernel-helper: 8.1.0
proxmox-kernel-6.8: 6.8.12-8
proxmox-kernel-6.8.12-8-pve-signed: 6.8.12-8
proxmox-kernel-6.8.12-4-pve-signed: 6.8.12-4
ceph-fuse: 17.2.7-pve3
corosync: 3.1.7-pve3
criu: 3.17.1-2+deb12u1
frr-pythontools: 8.5.2-1+pve1
glusterfs-client: 10.3-5
ifupdown2: 3.2.0-1+pmx11
intel-microcode: 3.20241112.1~deb12u1
ksm-control-daemon: 1.5-1
libjs-extjs: 7.0.0-5
libknet1: 1.28-pve1
libproxmox-acme-perl: 1.5.1
libproxmox-backup-qemu0: 1.5.1
libproxmox-rs-perl: 0.3.4
libpve-access-control: 8.2.0
libpve-apiclient-perl: 3.3.2
libpve-cluster-api-perl: 8.0.10
libpve-cluster-perl: 8.0.10
libpve-common-perl: 8.2.9
libpve-guest-common-perl: 5.1.6
libpve-http-server-perl: 5.2.0
libpve-network-perl: 0.10.0
libpve-rs-perl: 0.9.1
libpve-storage-perl: 8.3.3
libspice-server1: 0.15.1-1
lvm2: 2.03.16-2
lxc-pve: 6.0.0-1
lxcfs: 6.0.0-pve2
novnc-pve: 1.5.0-1
openvswitch-switch: 3.1.0-2+deb12u1
proxmox-backup-client: 3.3.3-1
proxmox-backup-file-restore: 3.3.3-1
proxmox-firewall: 0.6.0
proxmox-kernel-helper: 8.1.0
proxmox-mail-forward: 0.3.1
proxmox-mini-journalreader: 1.4.0
proxmox-offline-mirror-helper: 0.6.7
proxmox-widget-toolkit: 4.3.4
pve-cluster: 8.0.10
pve-container: 5.2.4
pve-docs: 8.3.1
pve-edk2-firmware: 4.2023.08-4
pve-esxi-import-tools: 0.7.2
pve-firewall: 5.1.0
pve-firmware: 3.14-3
pve-ha-manager: 4.0.6
pve-i18n: 3.3.3
pve-qemu-kvm: 9.0.2-5
pve-xtermjs: 5.3.0-3
qemu-server: 8.3.8
smartmontools: 7.3-pve1
spiceterm: 3.3.0
swtpm: 0.8.0+pve1
vncterm: 1.8.0
zfsutils-linux: 2.2.7-pve1

Any help would be appreciated. Thank you in advance.
 
This may have nothing to do with VLAN and I'm chasing a ghost. Maybe some driver and/or hardware issue.
 
This seems somehow related to Ubuntu 24.10. This does not work:

Code:
# pct config 888
arch: amd64
cores: 1
hostname: test
memory: 1024
net0: name=eth0,bridge=vmbr0,gw=10.10.10.1,hwaddr=BC:24:11:77:D3:93,ip=10.10.10.88/24,tag=2010,type=veth
ostype: ubuntu
rootfs: local-zfs:subvol-888-disk-0,size=8G
swap: 1024
unprivileged: 1

# lsb_release -a
No LSB modules are available.
Distributor ID:    Ubuntu
Description:    Ubuntu 24.10
Release:        24.10
Codename:        oracular

This does work:

Code:
# pct config 889
arch: amd64
cores: 1
hostname: test-buntu
memory: 1024
net0: name=eth0,bridge=vmbr0,gw=10.10.10.1,hwaddr=AA:AA:AA:33:33:33,ip=10.10.10.89/24,tag=2010,type=veth
ostype: ubuntu
rootfs: local-zfs:subvol-889-disk-0,size=8G
swap: 1024
unprivileged: 1

#  lsb_release -a
No LSB modules are available.
Distributor ID:    Ubuntu
Description:    Ubuntu 24.04 LTS
Release:        24.04
Codename:        noble

This seems to have some relation to Ubuntu 24.10. I tested the following standard LXC and all of them work fine:
  • Alpine 3.19
  • CentOS 9
  • Debian 12
  • Rocky 9
  • Ubuntu 24.04
The interfaces come up and I can reach other LXC in the same subnet.

While writing this answer, I was searching the forum and found this thread. And yes, with nesting it is working. o_O

Is there an explanation for this behavior?
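
Added example, not part of the original posts: the `ip` output in the first post has no `UP` flag in `<BROADCAST,MULTICAST>`, which means the link was never brought up inside the guest, while a host-side bridge or VLAN fault would leave `UP` set. The sketch below classifies such a line and checks `pct config` text for `features: nesting=1`, the Proxmox container option the thread calls "nesting"; the function names and the second link line are constructed for illustration.

```shell
#!/bin/sh
# Classify one `ip link` summary line by its flag list.
# Prints admin-down (no UP flag), no-carrier (UP without LOWER_UP) or up.
link_state() {
    flags=$(printf '%s\n' "$1" | sed -n 's/.*<\([^>]*\)>.*/\1/p')
    case ",$flags," in
        *,UP,*) ;;
        *) echo admin-down; return ;;
    esac
    case ",$flags," in
        *,LOWER_UP,*) echo up ;;
        *) echo no-carrier ;;
    esac
}

# Succeed if `pct config` text on stdin enables nesting in its features line.
has_nesting() {
    grep -Eq '^features:[[:space:]]*(.*,)?nesting=1(,|$)'
}

# $1 = ip link line from inside the guest, $2 = pct config text.
diagnose() {
    state=$(link_state "$1")
    if [ "$state" != admin-down ]; then
        echo "$state: link was set UP in the guest, look at bridge/VLAN/veth peer"
    elif printf '%s\n' "$2" | has_nesting; then
        echo "admin-down: nothing in the guest set the link UP (nesting on)"
    else
        echo "admin-down: nothing in the guest set the link UP (nesting off)"
    fi
}

# Line and config keys taken from the first post (CT 888).
LINK='eth0@if21: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000'
CONF='ostype: ubuntu
unprivileged: 1'
# Constructed variants for comparison; not output from the thread.
LINK_OK='eth0@if21: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP'
CONF_NESTED='ostype: ubuntu
features: nesting=1
unprivileged: 1'

diagnose "$LINK" "$CONF"
diagnose "$LINK_OK" "$CONF_NESTED"
```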
 