LXC / VM network problem with the default config

[R2D2]

Hi at all,

i am new in the Forum an have already the first question.

I have a problem with my default Network config.

The Problem is the VM or LXC, can ping to my network, but the Ping come not behinde to the Container.

Firewalls are off in Proxmox.

Host -> extern Router in my Netzwerk (ping ok)

Host -> LXC (ping ok)
LXC -> Host (ping ok)

Host -> VM (ping ok)
VM -> Host (ping ok)

VM/LXC each other (ping ok)

Below are a few config files.

I'm very excited what you think, what the problem is.

Thanks for watching

root@server01:~# cat /etc/network/interfaces

auto lo
iface lo inet loopback

iface enp5s0 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.5.254/24
        gateway 192.168.5.1
        bridge-ports enp5s0
        bridge-stp off
        bridge-fd 0

root@server01:~# cat /etc/pve/lxc/105.conf
arch: amd64
cores: 1
hostname: test5
memory: 512
net0: name=eth0,bridge=vmbr0,gw=192.168.5.1,hwaddr=76:48:97:DE:AE:EC,ip=192.168.5.105/24,ip6=auto,type=veth
ostype: ubuntu
rootfs: local-zfs:subvol-105-disk-0,size=8G
swap: 512

root@server01:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp5s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master vmbr0 state UP group default qlen 1000
    link/ether XX:XX:XX:XX:36:7e brd ff:ff:ff:ff:ff:ff
3: wlo1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether XX:XX:XX:XX:b2:ee brd ff:ff:ff:ff:ff:ff
4: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether XX:XX:XX:XX:36:7e brd ff:ff:ff:ff:ff:ff
    inet 192.168.5.254/24 scope global vmbr0
       valid_lft forever preferred_lft forever
    inet6 fe80::1ac0:4dff:fe81:367e/64 scope link
       valid_lft forever preferred_lft forever
5: tap204i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master vmbr0 state UNKNOWN group default qlen 1000
    link/ether 36:92:1c:24:b0:81 brd ff:ff:ff:ff:ff:ff
6: veth105i0@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0 state UP group default qlen 1000
    link/ether fe:76:fb:a9:16:d6 brd ff:ff:ff:ff:ff:ff link-netnsid 0

 

[oguz]

hi,

The Problem is the VM or LXC, can ping to my network, but the Ping come not behinde to the Container.

what do you mean? your container is not pingable from inside the subnet but it can ping others?

does ping work for:
* LXC -> router in network
* random host in network -> LXC
* LXC -> 1.1.1.1 or LXC -> 8.8.8.8

also interesting would be the routes inside the container and on the host, can you post the output for ip r for both?

 

[R2D2]

does ping work for:
* LXC -> router in network
* random host in network -> LXC
* LXC -> 1.1.1.1 or LXC -> 8.8.8.8

Hi,

sry i forgot.

LXC / VM -> route in Network / 1.1.1.1 (Ping is answered from a host in network, but does not return to the container)

I found the Problem.

If you have a NIC 2.5G (Intel i225-V), then the Linux Bridge cannot connect to the NIC.

The problem is a bug in the Kernel 5.4. If you have an PVE 6.4 with a kernel 5.4, you need a Update to the Kernel 5.11. Then it works.

But the "VLAN aware" is not working.

auto lo
iface lo inet loopback

iface enp5s0 inet manual

auto vmbr0
iface vmbr0 inet manual
        bridge-ports enp5s0
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094