Network issue since containers and Vm were migrated from Proxmox 8.4.14 Sever to Proxmox 9.0.11 Server

L

little-bear01

Member
Mar 21, 2022
4
0
6
31
Paris
Hello,

I've migrated one container (CT) and one VM from a Proxmox 8.4.14 Sever to a Proxmox 9.0.11 Server and since that, the CT and VM have weird network issues. I've also created two containers for testing this network issue. The network issue is as follows on all the CT and VM :
  • apt update & apt upgrade works fine
  • DNS resolution with nslookup, traceroute or dig works fine and fast
  • ping on all domain fails, except for my company domains
  • API calls and certbot command (for certificate generation) are extremely slow:
    • API calls : 1 minute of execution on PVE 8 Server, now it's 15 to 20 minutes of execution
    • certbot command : 2-3 minutes of execution before, now it's between 20 and 30 minutes of execution
    • Also, installation command with ansible-galaxy used to take 2 minutes, and now it's around 40 minutes to install the same package
  • All those containers and VM have a public IP that we bought from our server provider, if we remove the network with public IP and use only the internal network and bridge, everything works fine
    • It was the same public IP and configurations on the previous server, IPs have been migrated with the containers and VM
    • The provider made tests with the public IP and told us there is no problem, I don't know if I can prove the problem is on their side
    • It is not possible to remove the public IPs from the container and VM, we need those (CT and VM used for playbooks and servers management)
  • There are other containers on the PVE 9 Server, with only a private IP and they have no issue.
  • The Proxmox server 9 has no network issue
I've tried many DNS configurations and tests, but I can't pinpoint the exact issue I have here. Are there any changes in Proxmox v9 or Debian 12 for the network configuration ? I've read the release notes, but nothing seems to indicate a huge change in the network configuration.

Here are some configurations files and results of tests for one container :
Bash: 
/etc/resolv.conf : (DNS configuration use host settings)
# --- BEGIN PVE ---
search {company_domain}.com
nameserver 1.1.1.1
# --- END PVE ---

Bash: 
/etc/network/interfaces
auto lo
iface lo inet loopback

auto eth1
iface eth1 inet static
        address 10.0.0.203/27

auto eth0
iface eth0 inet static
        address 212.83.135.94/27
# --- BEGIN PVE ---
        post-up ip route add 62.210.0.1 dev eth0
        post-up ip route add default via 62.210.0.1 dev eth0
        pre-down ip route del default via 62.210.0.1 dev eth0
        pre-down ip route del 62.210.0.1 dev eth0
# --- END PVE ---


Bash: 
nslookup cloudflare.com
Server:         1.1.1.1
Address:        1.1.1.1#53

Non-authoritative answer:
Name:   cloudflare.com
Address: 104.16.133.229
Name:   cloudflare.com
Address: 104.16.132.229
Name:   cloudflare.com
Address: 2606:4700::6810:85e5
Name:   cloudflare.com
Address: 2606:4700::6810:84e5

Bash: 
traceroute cloudflare.com
traceroute to cloudflare.com (104.16.133.229), 30 hops max, 60 byte packets
 1  51-159-1-1.rev.poneytelecom.eu (51.159.1.1)  0.469 ms  5.975 ms  5.963 ms
 2  51.158.3.94 (51.158.3.94)  5.948 ms  5.932 ms 51.158.3.112 (51.158.3.112)  5.917 ms
 3  51.158.53.72 (51.158.53.72)  0.223 ms 51.158.53.70 (51.158.53.70)  0.239 ms 51.158.53.78 (51.158.53.78)  0.251 ms
 4  51.158.53.142 (51.158.53.142)  1.482 ms 51.158.53.138 (51.158.53.138)  1.027 ms 51.158.53.16 (51.158.53.16)  1.129 ms
 5  62.210.0.139 (62.210.0.139)  1.689 ms 62.210.0.149 (62.210.0.149)  1.574 ms 62.210.0.159 (62.210.0.159)  1.660 ms
 6  * 141.101.67.100 (141.101.67.100)  2.365 ms 141.101.67.98 (141.101.67.98)  2.605 ms
 7  141.101.67.91 (141.101.67.91)  1.779 ms 141.101.67.95 (141.101.67.95)  2.828 ms 141.101.67.89 (141.101.67.89)  4.808 ms
 8  104.16.133.229 (104.16.133.229)  2.339 ms  1.528 ms *

Bash: 
$ ping cloudflare.com
PING cloudflare.com(2606:4700::6810:84e5 (2606:4700::6810:84e5)) 56 data bytes
^C
--- cloudflare.com ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3109ms

$ ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=57 time=2.05 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=57 time=2.06 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=57 time=2.13 ms
64 bytes from 1.1.1.1: icmp_seq=4 ttl=57 time=2.08 ms
^C
--- 1.1.1.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 2.049/2.076/2.126/0.029 ms
 
You must log in or register to reply here.
Top Bottom