No Internet on all VMs after update

painerp

Member
Jul 24, 2016
2
0
21
45
Yesterday after I updated and rebooted my Server all of my 3 VMs weren't able to connect back to the Internet.
I use a routed setup basically exactly like this https://community.hetzner.com/tutorials/install-and-configure-proxmox_ve/de?title=Proxmox_VE

After some digging I figured out that the Gateway (proxmox host) is still pingable from inside of the VMs.
Pinging the VMs from proxmox failed and also "ping 1.1.1.1 -I vmbr0" fails, Im not sure if this should work though.

Tcpdump on proxmox showed some incoming connections from the VMs but I couldn't get anything special from that.
So i figured it has to be a problem with my proxmox networking but I have no idea what is happening since I haven't changed anything and it still looks correct to me.

Proxmox Network:
Code:
auto lo
iface lo inet loopback

iface lo inet6 loopback

auto enp0s31f6
iface enp0s31f6 inet manual
        address  [ProxmoxIP]
        netmask  255.255.255.255
        gateway  [Gateway of ProxmoxIP]
        pointopoint [Gateway of ProxmoxIP]

auto vmbr0
iface vmbr0 inet static
        address  [ProxmoxIP]
        netmask  255.255.255.255
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        up ip route add [ExtraIP1]/32 dev vmbr0
        up ip route add [ExtraIP2]/32 dev vmbr0

#intern
auto vmbr1
iface vmbr1 inet static
        address  10.10.10.1
        netmask  24
        bridge-ports none
        bridge-stp off
        bridge-fd 0

VM1 Network:
Windows VM.png

Thanks for your time!
 
Confirmed same issue here, Anything internal is not working. I'm running a mesh network with OVS for my layer3. No web access while my vmbr0 was configured for ovs, had to switch it back to a standard bridge, but still my internal network is borked.
 
Confirmed same issue here, Anything internal is not working. I'm running a mesh network with OVS for my layer3. No web access while my vmbr0 was configured for ovs, had to switch it back to a standard bridge, but still my internal network is borked.

do you use ifupdown2 2.0 ? (dpkg -l|grep ifupdown2?)
if yes, they are a regression with ovs, it should be fixed with
http://download.proxmox.com/debian/pve/dists/buster/pvetest/binary-amd64/ifupdown2_2.0.1-1+pve4_all.deb
 
Same Problem here, with 2.0.1-1+pve4.
I went back to ifupdown2=1.2.8-1+pve4 and all VM are working fine....
 
Sure.

I dont use openvswitch.

Code:
auto lo
iface lo inet loopback

iface lo inet6 loopback

auto enp4s0
iface enp4s0 inet static
    address  [HostIP]
    netmask  255.255.255.224
    gateway  [Gateway]
    pointopoint [Gateway]
    up route add -net 78.46.X.X netmask 255.255.255.224 gw [Gateway] dev enp4s0


iface enp4s0 inet6 static
    address  [IPv6]
    netmask  128
    gateway  fe80::1
    up sysctl -p

auto vmbr0
iface vmbr0 inet static
    address   [HostIP]
    netmask  255.255.255.255
    bridge-ports none
    bridge-stp off
    bridge-fd 0
    bridge_maxwait 0
    up ip route add [Additional IP for VM] dev vmbr0
 
@Miki84

just curious, why do you call "sysctl -p" in up ?
could you send the result of "ifup -a -d" ?

I wonder if it could be forwarding be disabled by ifupdown2.
can you try to add "ip-forward on' on ipv4 interfaces, and "ip6-forward on" on ipv6 interfaces ?
 
I installed Proxmox via the Hetzner installer.
the sysctl -p call comes from the installer.
no idea why

The result of ifup -a -d with the working
ifupdown2 1.2.8-1+pve4 version?

Or with the 2.0 version that didnt work?
 
I installed Proxmox via the Hetzner installer.
the sysctl -p call comes from the installer.
no idea why
ok no problem. I didn't known that hetzner was setting up default configuration.

[QUOTE
The result of ifup -a -d with the working
ifupdown2 1.2.8-1+pve4 version?

Or with the 2.0 version that didnt work?
[/QUOTE]

maybe both version if you can.

I have found a bug with pointopoint in both versions. (mainly, when you ifdown the interface, it's not removing the ip address)
but maybe with 2.0 it's worste than before.

I have make a patch and build a fixed deb:
http://odisoweb1.odiso.net/ifupdown2_2.0.1-1+pve4_all.deb
if you can test, it could be great :) (I don't have hetzner server to test)

I have send a pull request to ifupdown2 github too:
https://github.com/CumulusNetworks/ifupdown2/pull/149/
 
Last edited:

Attachments

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!