LXC networking oddity

fleabeard

New Member
Jun 12, 2022
17
2
3
I have 2 LXC containers both configured for the same VLAN. However, one LXC is getting an IP address and has a route to the internet which is what I want. However, for the 2nd LXC, this isn't happening. Here's how they are both configured. Where is LXC 1 getting it's IP if it's supposed to be static and not have ip info specified?

I have confirmed in pfsense that there are no static mappings for this VLAN interface and DHCP is enabled, so I'm not sure what's going on here.

LXC 1:

1655997632254.png

1655997652698.png

1655997666735.png

LXC 2:

1655997738828.png
1655997752791.png
1655997764073.png
 
Last edited:

guywhotypeslow

New Member
Jun 23, 2022
8
2
3
I have a couple questions to get started.

You mention that you have them on the same VLAN but under VLAN tags you have "no VLAN" If you are doing VLAN tagging at all, what are you doing the tagging with?

You have the IP set to static, but you have no IP set. Are you trying to set the IP statically or are you trying to have them issued via DHCP?

You said you checked pfsense for static mappings, but did you check if it had issued a lease for that mac address?
(you would check this under Status > DHCP Leases)

Assuming you are trying to just set the IPs via DHCP I would just select DHCP on both containers and also set a static mapping in pfsense. This is what I do personally. Just be sure to set the static mapping first or else you will have to renew the lease to get the right IP.

That of course doesn't answer where that IP address is coming from. The only place I can think of off the top of my head is that you have it statically set inside the container itself. I would check /etc/network/interfaces and see if you have one set there. If so you should probably set that to auto so that it can be managed from the outside.
 

fleabeard

New Member
Jun 12, 2022
17
2
3
I have a couple questions to get started.

You mention that you have them on the same VLAN but under VLAN tags you have "no VLAN" If you are doing VLAN tagging at all, what are you doing the tagging with?

You have the IP set to static, but you have no IP set. Are you trying to set the IP statically or are you trying to have them issued via DHCP?

You said you checked pfsense for static mappings, but did you check if it had issued a lease for that mac address?
(you would check this under Status > DHCP Leases)

Assuming you are trying to just set the IPs via DHCP I would just select DHCP on both containers and also set a static mapping in pfsense. This is what I do personally. Just be sure to set the static mapping first or else you will have to renew the lease to get the right IP.

That of course doesn't answer where that IP address is coming from. The only place I can think of off the top of my head is that you have it statically set inside the container itself. I would check /etc/network/interfaces and see if you have one set there. If so you should probably set that to auto so that it can be managed from the outside.
VLAN tagging is done via the switch in my case. Specifically a TP-Link TL-SG3424P. Here's a peak at my pve's Network config:
1656077734543.png

In regards to static/DHCP. I would like them to work via DHCP. I'm not real sure how they initially ended up with this non-specified static ip configuration. I had set these up a long time ago and are just now trying to segment my network for their usage.

I shut down LXC1 and deleted the DHCP lease from pfsense while it was still non-specified static ip and started it up again and it got the same ip address again. Except now I can't ping websites via IP or DNS. My /etc/network/interfaces has no static ip specified on any of the containers.

Code:
# UNCONFIGURED INTERFACES
# remove the above line if you edit this file

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

allow-hotplug eth1
iface eth1 inet dhcp

Perhaps the dhcp lines in my /etc/network/interfaces is what pve is falling back to when a static ip isn't specified?
 

guywhotypeslow

New Member
Jun 23, 2022
8
2
3
So, comparing my one static container to my other DHCP containers, the one that is static has the IP set in /etc/network/interfaces and the DHCP ones say auto in that same file. So without knowing all the innerworkings of proxmox it stands to reason that selecting one or the other at least edits that file inside the container. Similar to the way that setting the password during creation just edits the /etc/shadow entry for the root user.

It is still possible that you could have a static set in a file under the /etc/network/interfaces.d directory but that seems less likely. Especially because...

You mentioned that you deleted the DHCP lease from pfsense. That seems to confirm that it did in fact get the address from pfsense. Other than the fact that you aren't getting internet on that container now that seems like it's kind of working as intended.

The best next step is to select DHCP in the container settings in proxmox so that they reflect what you are trying to achieve. It's possible that that alone would fix your issue. Other than editing the /etc/network/interfaces file pve might do some other things that could be preventing this from working.

If it doesn't work still then the only other things I can think of are that you either have a firewall rule interfering or you may even have some other machine with the same MAC address. If you did regardless of having a static or not pfsense would try to provide the same IP as that MAC address already had which would then create an IP conflict.
 

fleabeard

New Member
Jun 12, 2022
17
2
3
So, I'm not sure why this happens. But when I first boot a new LXC it can't ping any websites or anything. But if I let it sit for 5-10 mins everything starts working fine.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!