No internet connectivity to Proxmox.

[junior9]

Hi,

I'm facing an odd situation where Proxmox is the only thing in my network that has no connectivity to Internet.
I'm using pfSense inside Proxmox as my main router/fw, and using one trunk port to the server (for wan, lan and proxmox - here is vlan 51)
Right now this configuration is behind an ISP provided router/modem (that doesn't have bridge mode), but I think that's not the problem here.

From Proxmox, I can ping my lan devices and wan gateway, but when I try to ping 1.1.1.1 or 8.8.8.8 nothing happens.
I tried both 1.1.1.1 and pfSense as DNS with no luck.

root@pve:~# cat /etc/resolv.conf
search proxmox.com
nameserver 1.1.1.1
nameserver 1.0.0.1

auto lo
iface lo inet loopback

iface eno1 inet manual

auto eno2
iface eno2 inet manual
#iDrac

iface eno3 inet manual

iface eno4 inet manual

auto vmbr0
iface vmbr0 inet manual
    bridge-ports eno1
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    bridge-vids 2-4094

auto vmbr0.51
iface vmbr0.51 inet static
    address 10.10.10.20/24
    gateway 10.10.10.1
    brigde_ports eno1.51

auto vmbr1
iface vmbr1 inet manual
    bridge-ports none
    bridge-stp off
    bridge-fd 0

auto vmbr2
iface vmbr2 inet manual
    bridge-ports eno2
    bridge-stp off
    bridge-fd 0
#iDrac_eno2 brigde

Thanks

 

[bobmc]

what does
ip route
look like from your proxmox host?

 

[junior9]

root@pve:~# ip route
default via 10.10.10.1 dev vmbr0.51 proto kernel onlink
10.10.10.0/24 dev vmbr0.51 proto kernel scope link src 10.10.10.20

 

[bobmc]

so 10.10.10.1 is the lan side of pfsense?
can you do a traceroute to 8.8.8.8 from a vm or container that has internet access and a traceroute from the host

 

[junior9]

As I wrote in the first post, this one uses different subnet from the VMs (different vlan tag, shown in pfSense as separate NIC)
In pfSense both subnets are allowed to pass traffic to WAN network, 192.168.1.1/24 in my case.

root@pve:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
^C
--- 8.8.8.8 ping statistics ---
44 packets transmitted, 0 received, 100% packet loss, time 67ms

root@pve:~# traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  * * *
 2  * * *
 3  * * *
 4  * * *
 5  * * *
 6  *^C
root@pve:~# ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=63 time=1.11 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=63 time=1.26 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=63 time=0.947 ms
^C
--- 192.168.1.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 4ms
rtt min/avg/max/mdev = 0.947/1.104/1.257/0.132 ms

This is from Truenas, inside Proxmox.

root@truenas[~]# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=0 ttl=110 time=279.156 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=110 time=274.072 ms
^C
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 2 packets received, 33.3% packet loss
round-trip min/avg/max/stddev = 274.072/276.614/279.156/2.542 ms

root@truenas[~]# traceroute 8.8.8.8

traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 40 byte packets

 1  192.168.1.1 (192.168.1.1)  1.274 ms  1.350 ms  1.104 ms
*
*
*
13  dns.google (8.8.8.8)  33.514 ms  32.343 ms  33.599 ms

 

[junior9]

I did it!
The problem was in pfSense. I had to explicitly set the gateway to 192.168.1.1, default option (which is - 192.168.1.1) doesn't work, I don't know why.

Anyhow, thanks for the support!
Regards