Network Question

K

kirelgt

Member
Nov 16, 2010
85
0
6
Hello everyone.

I have 2 Proxmox. Each proxmox has two NIC cards. I have been following step by step other posts and put everything exactly, but I cannot get it to work. Here is the whole information.

Proxmox_1

auto eth0
iface eth0 inet static
address 0.0.0.0
netmask 0.0.0.0

auto vmbr0
iface vmbr0 inet static
address 10.10.10.6
netmask 255.255.255.0
gateway 10.10.10.3
bridge_ports eth0
bridge_stp off
bridge_fd 0

auto eth1
iface eth1 inet static
address 0.0.0.0
netmask 0.0.0.0

auto eth1.1
iface eth1.1 inet static
address 0.0.0.0
netmask 0.0.0.0

auto vmbr1
iface vmbr1 inet manual
bridge_ports eth1.1
bridge_stp off
bridge_fd 0


Proxmox-2

auto eth0
iface eth0 inet static
address 0.0.0.0
netmask 0.0.0.0

auto vmbr0
iface vmbr0 inet static
address 10.10.10.230
netmask 255.255.255.0
gateway 10.10.10.3
bridge_ports eth0
bridge_stp off
bridge_fd 0

auto eth1
iface eth1 inet static
address 0.0.0.0
netmask 0.0.0.0

auto eth1.1
iface eth1.1 inet static
address 0.0.0.0
netmask 0.0.0.0



auto vmbr1
iface vmbr1 inet manual
bridge_ports eth1.1
bridge_stp off
bridge_fd 0

THE INFORMATION ON THE VM ON EACH ONE OF THE HOST

***VM ON HOST-1

auto eth0
iface eth0 inet static
address 10.10.10.73
netmask 255.255.255.0
gateway 10.10.10.3
network 10.10.10.0
broadcast 10.10.10.255

auto eth1
iface eth1 inet static
address 192.168.1.102
netmask 255.255.255.0
# gateway 192.168.1.1
network 192.168.1.0
broadcast 192.168.1.255




***VM ON HOST-2

iface eth0 inet static
address 10.10.10.223
netmask 255.255.255.0
gateway 10.10.10.3
network 10.10.10.0
broadcast 10.10.10.255


auto eth1
iface eth1 inet static
address 192.168.1.101
netmask 255.255.255.0
# gateway 192.168.1.2
network 192.168.1.0
broadcast 192.168.1.255
 
There is no way I can ping from the VM in host-1 TO the VM in host-2. Please help, what I am doing wrong. Is it the switch I have that is missing something.??? HELP
 
kirelgt said:
There is no way I can ping from the VM in host-1 TO the VM in host-2. Please help, what I am doing wrong. Is it the switch I have that is missing something.??? HELP
Click to expand...
Hi,
your network-config looks a little bit curious.

On eth1 you use vlan-tagging but only with one vlan and this is the default-vlan. Do you have assigned the ports on the switch as tagged (802.1q) ports?

Which IPs do you use for ping? If i'm right you use both networks (vmbr0 + vmbr1) on both VMs?

Can you ping from VM-a - host-a? Further than host-b? VM-b?

What kind of VMs are you use (kvm/openvz - os / driver / VM-config)?

What show the output of tcpdump on the pve-hosts?

Udo
 
Thanks For the quick reply


On eth1 you use vlan-tagging but only with one vlan and this is the default-vlan. Do you have assigned the ports on the switch as tagged (802.1q) ports? (UDO will you explain this a little bit more, what do mean that vlan1.1 is the default-vlan?? The switch I am using is an unmanaged switch that I cannot do anything to it.)

Which IPs do you use for ping? If i'm right you use both networks (vmbr0 + vmbr1) on both VMs? (Yes I do use the two networks, actually that is the idea)(The network I use for pinging is vmbr1 (192.168.1.0/24))

Can you ping from VM-a - host-a? Further than host-b? VM-b? (NO I cannot.)

What kind of VMs are you use (kvm/openvz - os / driver / VM-config)? (I only use KVM)

What show the output of tcpdump on the pve-hosts? (If I ping from the VM on host-1 do not get to host-2)
proxmox2:~# tcpdump -vv -i vmbr1
tcpdump: WARNING: vmbr1: no IPv4 address assigned
tcpdump: listening on vmbr1, link-type EN10MB (Ethernet), capture size 96 bytes
13:43:11.991925 arp who-has 192.168.1.101 tell 192.168.1.102
13:43:12.991887 arp who-has 192.168.1.101 tell 192.168.1.102
 
kirelgt said:
Thanks For the quick reply


On eth1 you use vlan-tagging but only with one vlan and this is the default-vlan. Do you have assigned the ports on the switch as tagged (802.1q) ports? (UDO will you explain this a little bit more, what do mean that vlan1.1 is the default-vlan?? The switch I am using is an unmanaged switch that I cannot do anything to it.)
Click to expand...
Hi,
if you use vlan-tagging you can use vlan-id from 1 to 4096 - vlan1 is the default-network from the switch.
You can't use vlan-tagging with an unmannaged switch!
Which IPs do you use for ping? If i'm right you use both networks (vmbr0 + vmbr1) on both VMs? (Yes I do use the two networks, actually that is the idea)(The network I use for pinging is vmbr1 (192.168.1.0/24))

Can you ping from VM-a - host-a? Further than host-b? VM-b? (NO I cannot.)

What kind of VMs are you use (kvm/openvz - os / driver / VM-config)? (I only use KVM)

What show the output of tcpdump on the pve-hosts? (If I ping from the VM on host-1 do not get to host-2)
proxmox2:~# tcpdump -vv -i vmbr1
tcpdump: WARNING: vmbr1: no IPv4 address assigned
tcpdump: listening on vmbr1, link-type EN10MB (Ethernet), capture size 96 bytes
13:43:11.991925 arp who-has 192.168.1.101 tell 192.168.1.102
13:43:12.991887 arp who-has 192.168.1.101 tell 192.168.1.102
Click to expand...
use something like this:
Code: 
auto eth0
iface eth0 inet static
        address 0.0.0.0
        netmask 0.0.0.0

auto vmbr0
iface vmbr0 inet static
        address 10.10.10.6
        netmask 255.255.255.0
        gateway 10.10.10.3
        bridge_ports eth0
        bridge_stp off
        bridge_fd 0

auto eth1
iface eth1 inet static
        address 0.0.0.0
        netmask 0.0.0.0

auto vmbr1
iface vmbr1 inet manual
        bridge_ports eth1
        bridge_stp off
        bridge_fd 0
Udo
 
Yes Udo , but the whole idea is to be able to use one network for data and other for webservices. Actually you think that the main problem is the switch???

Yes I can ping on the 10 network w/o a problem. But the main purpose is to be able to ping on the 192 network.
 
kirelgt said:
Yes Udo , but the whole idea is to be able to use one network for data and other for webservices. Actually you think that the main problem is the switch???

Yes I can ping on the 10 network w/o a problem. But the main purpose is to be able to ping on the 192 network.
Click to expand...
Hi,
the ping for the 10 network should check the network-config inside the VM - with some guests/virt-nic-types you can have trouble (e.g. the old M$-own e1000-driver...).
It's fully ok to use an own nic with brigde for the second network. Without vlan-tagging it's should work like the network on eth0.

If not - look with tcpdump - you must see the same traffic (if for both hosts) on both pve-hosts.
Perhaps to find the error, you can temporary assing vmbr1 an ip-address - to see what you can ping (vm-a - host-a - host-b - vm-b).

Good night,

Udo
 
You must log in or register to reply here.
Top Bottom