Situation
A few VM's have 2 NIC's, one for the public network and one for the LAN which is using the vmbr10 bridge. A database server is currently hosted on the proxmox host and need to be moved to a physical server outside of the proxmox host.
The proxmox (nodes) hosts are configured as a cluster. We have 4 nodes which are configured to use a public IP address (eth0) and the secondary NIC (eth1) is connected to a unmanaged switch, which is the LAN. The nodes along with the VM's talk to each other using this network.
Question
How can I proceed to make the VM's to talk with the physical server (database server) outside of the hosts (nodes) using eth1.
Hosts (nodes) Network Configuration
iface eth0 inet manual
auto vmbr0 # WAN
iface vmbr0 inet static
address 184.x.x.x
netmask 255.255.255.224
gateway 184.x.x.x
broadcast 184.x.x.x
bridge_ports eth0
bridge_stp off
bridge_fd 0
auto eth1 # LAN -> Unmanaged Switch
iface eth1 inet static
address 10.10.1.1
netmask 255.0.0.0
auto vmbr10 # Bridge for the VMs
iface vmbr10 inet manual
bridge_ports eth1.10
bridge_stp off
bridge_fd 0
VM Network Configuration (Need to talk with the Database server)
auto eth0 # WAN
iface eth0 inet static
address 209.x.x.x
netmask 255.255.255.224
broadcast 209.x.x.x
gateway 209.x.x.x
auto eth1 # LAN connected to vmbr10
iface eth1 inet static
address 10.0.2.1
netmask 255.255.255.0
Database Server (Physical Server outside of the cluster)
auto eth0 # WAN
iface eth0 inet static
address 184.x.x.x
netmask 255.255.255.224
network 184.x.x.x
broadcast 184.x.x.x
gateway 184.x.x.x
auto eth1 # LAN -> Unmanaged Switch which can ping all the nodes
iface eth1 inet static
address 10.10.1.4
netmask 255.0.0.0
auto eth1:0 # Database IP address which need to talk to the VM (10.0.2.1)
iface eth1:0 inet static
address 10.0.2.98
netmask 255.255.255.0
Troubleshooting
They can see each other:
I see incoming ICMP requests on the database server from the VM:
Ping from the database to the VM and vice versa:
I don't get it, they see each other, but don't talk.
A few VM's have 2 NIC's, one for the public network and one for the LAN which is using the vmbr10 bridge. A database server is currently hosted on the proxmox host and need to be moved to a physical server outside of the proxmox host.
The proxmox (nodes) hosts are configured as a cluster. We have 4 nodes which are configured to use a public IP address (eth0) and the secondary NIC (eth1) is connected to a unmanaged switch, which is the LAN. The nodes along with the VM's talk to each other using this network.
Question
How can I proceed to make the VM's to talk with the physical server (database server) outside of the hosts (nodes) using eth1.
Hosts (nodes) Network Configuration
iface eth0 inet manual
auto vmbr0 # WAN
iface vmbr0 inet static
address 184.x.x.x
netmask 255.255.255.224
gateway 184.x.x.x
broadcast 184.x.x.x
bridge_ports eth0
bridge_stp off
bridge_fd 0
auto eth1 # LAN -> Unmanaged Switch
iface eth1 inet static
address 10.10.1.1
netmask 255.0.0.0
auto vmbr10 # Bridge for the VMs
iface vmbr10 inet manual
bridge_ports eth1.10
bridge_stp off
bridge_fd 0
VM Network Configuration (Need to talk with the Database server)
auto eth0 # WAN
iface eth0 inet static
address 209.x.x.x
netmask 255.255.255.224
broadcast 209.x.x.x
gateway 209.x.x.x
auto eth1 # LAN connected to vmbr10
iface eth1 inet static
address 10.0.2.1
netmask 255.255.255.0
Database Server (Physical Server outside of the cluster)
auto eth0 # WAN
iface eth0 inet static
address 184.x.x.x
netmask 255.255.255.224
network 184.x.x.x
broadcast 184.x.x.x
gateway 184.x.x.x
auto eth1 # LAN -> Unmanaged Switch which can ping all the nodes
iface eth1 inet static
address 10.10.1.4
netmask 255.0.0.0
auto eth1:0 # Database IP address which need to talk to the VM (10.0.2.1)
iface eth1:0 inet static
address 10.0.2.98
netmask 255.255.255.0
Troubleshooting
They can see each other:
Code:
root@database:~# tcpdump -ann -i eth1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes
12:26:11.843817 ARP, Request who-has 10.0.2.98 tell 10.0.2.1, length 42
12:26:12.003217 ARP, Request who-has 10.0.2.1 tell 10.0.2.98, length 28
12:26:12.853775 ARP, Request who-has 10.0.2.98 tell 10.0.2.1, length 42
12:26:13.003217 ARP, Request who-has 10.0.2.1 tell 10.0.2.98, length 28
12:26:14.845013 ARP, Request who-has 10.0.2.98 tell 10.0.2.1, length 42
12:26:15.003221 ARP, Request who-has 10.0.2.1 tell 10.0.2.98, length 28
12:26:15.843994 ARP, Request who-has 10.0.2.98 tell 10.0.2.1, length 42
12:26:16.003199 ARP, Request who-has 10.0.2.1 tell 10.0.2.98, length 28
Code:
root@database:~# tcpdump -ann -i eth1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes
12:27:36.073255 IP 10.0.2.98 > 10.0.2.1: ICMP echo request, id 26858, seq 6, length 64
12:27:37.073246 IP 10.0.2.98 > 10.0.2.1: ICMP echo request, id 26858, seq 7, length 64
12:27:38.073243 IP 10.0.2.98 > 10.0.2.1: ICMP echo request, id 26858, seq 8, length 64
12:27:39.073247 IP 10.0.2.98 > 10.0.2.1: ICMP echo request, id 26858, seq 9, length 64
12:27:40.073243 IP 10.0.2.98 > 10.0.2.1: ICMP echo request, id 26858, seq 10, length 64
Ping from the database to the VM and vice versa:
Code:
root@database:~# ping 10.0.2.1
PING 10.0.2.1 (10.0.2.1) 56(84) bytes of data.
From 10.0.2.98 icmp_seq=1 Destination Host Unreachable
From 10.0.2.98 icmp_seq=2 Destination Host Unreachable
From 10.0.2.98 icmp_seq=3 Destination Host Unreachable
From 10.0.2.98 icmp_seq=5 Destination Host Unreachable
I don't get it, they see each other, but don't talk.
Last edited: