Hello!
In a VM I created a network namespace "ns_twsgw" (IP a.b.c.82, main IP a.b.c.81) with a bridged macvlan (second MAC address on the virtual ETH IF).
I see all the ping packets from the "ns_twsgw" network inside the VM with tcpdump, but I don't see them on the bridge IF (e.g.: fwpr106p0).
I see all the ping packets from the main network inside the VM with tcpdump and I see them all on the bridge IF (e.g.: fwpr106p0).
The setup is working on my private Linux machine (both networks can ping), but it seems the Proxmox firewall is filtering all packets from the "ns_twsgw" network.
I am debugging this since several days and I think the problem is somehow related to the "PHYSDEV" rules the PVE firewall is creating.
a) Is this a know problem?
b) does the PVE FW support several MAC address on the same virtual ETH IF?
c) How can I solve that?
I added a script to create the "ns_twsgw" namespace, if someone is interested how to do that.
BR,
Jasmin
In a VM I created a network namespace "ns_twsgw" (IP a.b.c.82, main IP a.b.c.81) with a bridged macvlan (second MAC address on the virtual ETH IF).
I see all the ping packets from the "ns_twsgw" network inside the VM with tcpdump, but I don't see them on the bridge IF (e.g.: fwpr106p0).
I see all the ping packets from the main network inside the VM with tcpdump and I see them all on the bridge IF (e.g.: fwpr106p0).
The setup is working on my private Linux machine (both networks can ping), but it seems the Proxmox firewall is filtering all packets from the "ns_twsgw" network.
I am debugging this since several days and I think the problem is somehow related to the "PHYSDEV" rules the PVE firewall is creating.
a) Is this a know problem?
b) does the PVE FW support several MAC address on the same virtual ETH IF?
c) How can I solve that?
I added a script to create the "ns_twsgw" namespace, if someone is interested how to do that.
BR,
Jasmin