Martians attack ! (Lxc containers issues)

tlex

Member
Mar 9, 2021
87
6
8
41
My syslogs logs started getting flooded as soon as I started creating and running containers.
The setup I have is nothing complicated, I don't know if that can be related but my main router is PfSense virtualized on that same host. Containers and VM are running smooth except for those log flood when the containers are running :

Aug 04 08:29:04 pve kernel: ll header: 00000000: ff ff ff ff ff ff 28 16 a8 72 ac ca 08 00 Aug 04 08:29:06 pve kernel: IPv4: martian source 255.255.255.255 from 10.32.50.19, on dev eth0 Aug 04 08:29:06 pve kernel: ll header: 00000000: ff ff ff ff ff ff 00 0c 15 01 46 c6 08 00 Aug 04 08:29:14 pve kernel: IPv4: martian source 255.255.255.255 from 10.32.50.196, on dev eth0 Aug 04 08:29:14 pve kernel: ll header: 00000000: ff ff ff ff ff ff 72 cb a2 b3 5a 2e 08 00 Aug 04 08:29:23 pve kernel: IPv4: martian source 255.255.255.255 from 10.32.50.34, on dev eth0 Aug 04 08:29:23 pve kernel: ll header: 00000000: ff ff ff ff ff ff 92 df 18 27 d4 89 08 00 Aug 04 08:29:29 pve kernel: IPv4: martian source 255.255.255.255 from 10.32.50.194, on dev eth0 Aug 04 08:29:29 pve kernel: ll header: 00000000: ff ff ff ff ff ff 28 16 a8 72 ac ca 08 00 Aug 04 08:29:29 pve kernel: IPv4: martian source 255.255.255.255 from 10.32.50.194, on dev eth0 Aug 04 08:29:29 pve kernel: ll header: 00000000: ff ff ff ff ff ff 28 16 a8 72 ac ca 08 00 Aug 04 08:29:36 pve kernel: IPv4: martian source 255.255.255.255 from 10.32.50.19, on dev eth0 Aug 04 08:29:36 pve kernel: ll header: 00000000: ff ff ff ff ff ff 00 0c 15 01 46 c6 08 00 Aug 04 08:29:54 pve kernel: IPv4: martian source 255.255.255.255 from 10.32.50.194, on dev eth0

In the meantime I read a few other posts and comments like this one :
https://nerdig-es.translate.goog/proxmox-martians/?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en

So at first I tried adding the following options to sysctl.conf but with success :
net.ipv4.conf.all.arp_ignore = 1 net.ipv4.conf.default.arp_ignore = 1

and running "sysctl -p" and then "ip -s -s neigh flush all"

I ended up muting all the martians log with the following option but I feel like this is like patching a problem. Is there anything else I could investigate ? This is definitely related to the containers since I dont have any physical interface called "eth0". Also the IP mentionned in the logs are from ressources located both on this proxmox host and elsewhere on the network. All containers firewall option is disabled. ipv4 set to dhcp, ipv6 to static with no ip specified.

(muting martians logs)
/etc/sysctl.conf:
net.ipv4.conf.all.log_martians = 0 net.ipv4.conf.default.log_martians = 0 net.ipv4.conf.lo.log_martians = 0

One thing I'm wondering (end tell me if I'm wrong) but every time I create a new container, the "Name" of the "veth" for each container is called "eth0". Should that be differently name for each container ?

/etc/network/interfaces:
auto lo iface lo inet loopback auto enp7s0 iface enp7s0 inet manual auto enp8s0 iface enp8s0 inet manual #LAN auto enp9s0 iface enp9s0 inet manual #WAN iface enp6s0 inet manual auto vmbr0 iface vmbr0 inet static address 10.32.50.6/24 gateway 10.32.50.1 bridge-ports enp8s0 bridge-stp off bridge-fd 0 bridge-vlan-aware yes bridge-vids 1-4094 #LAN auto vmbr1 iface vmbr1 inet manual bridge-ports enp9s0 bridge-stp off bridge-fd 0 bridge-vlan-aware yes bridge-vids 2-4094 bridge-ageing 0 #WAN
 

tlex

Member
Mar 9, 2021
87
6
8
41
No one can help me with that ?
logs are back this morning even with :

net.ipv4.conf.all.log_martians = 0 net.ipv4.conf.default.log_martians = 0 net.ipv4.conf.lo.log_martians = 0

I just can't figure it...
 

tlex

Member
Mar 9, 2021
87
6
8
41
I changed the boot order for the lxc containers to be the last one to boot (ie after my pfsense vm) and the problem seems to be gone. Would that make any sense ?
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!