Hello,
I have 3 identical servers running an identical version of Proxmox, with all of them fully upgraded.
Each has 2 network cards installed: one is an on-board quad 10Gb and the other is a PCIe quad-port SFP+ 10Gb. I have created two bridges, each bridge having all 4 ports assigned. Both bridges have a static address defined, on different subnets, naturally. Also, each card, and in turn each vmbr, is connected to a different switch. Each switch is connected to the router. The router is Sophos OS that has all LAN traffic allowed, no restrictions.
What I want to have is: vmbr0 will be general VM traffic. The SFP+ cards will handle only storage (Ceph) traffic. Since all of the Ceph traffic should be local, the switch being connected to the FW (or even not) is immaterial. The problem is comms between nodes; let's call them node1, node2 and node3. If I ping node2 and node3 from node1 - no traffic, nothing, nada, dead end. If I ping node1 from the other nodes, same result. If I ping node2 from node3 and vice versa, it works properly. So only node1 is isolated. If I do a traceroute from node2 to node3, traceroute immediately hops to that node, since it is actually local. But if I do a traceroute towards node1 or from node1, it first hops to the GW and then it does not go forward. All 3 nodes are showing an identical routing table. The switch is an Arista DCS-7124S without any special config or restrictions.
Please help, as I am pulling my hair out (not leaving me with much to go) trying to find the issue. Any suggestion or insight is welcomed! Thanks!!