Perform a ping from VM to another node in the cluster

T

truc

Member
Aug 7, 2024
33
0
6
Hi guys,
in my environment it is possible to perform a ping between the nodes in the cluster.
Nevertheless I can not ping a node in the cluster from my VMs.

Do you know how to solve this issue
and here is my configuration
on host:
Code: 
auto lo
iface lo inet loopback

iface ens192 inet manual

iface ens161 inet manual

iface ens224 inet manual

iface ens256 inet manual

auto vmbr0
iface vmbr0 inet static
        address 10.200.10.5/24
        gateway 10.200.10.254
        bridge-ports ens192
        bridge-stp off
        bridge-fd 0

auto vmbr1
iface vmbr1 inet static
        address 10.10.10.11/24
        bridge-ports ens161
        bridge-stp off
        bridge-fd 0
#vm

auto vmbr2
iface vmbr2 inet static
        address 20.20.20.21/24
        bridge-ports ens256
        bridge-stp off
        bridge-fd 0
#sync

source /etc/network/interfaces.d/*
on vm :
1723109102238.png


1723109138656.png
 
truc said:
Hi guys,
in my environment it is possible to perform a ping between the nodes in the cluster.
Nevertheless I can not ping a node in the cluster from my VMs.

Do you know how to solve this issue
and here is my configuration
on host:
Code: 
auto lo
iface lo inet loopback

iface ens192 inet manual

iface ens161 inet manual

iface ens224 inet manual

iface ens256 inet manual

auto vmbr0
iface vmbr0 inet static
        address 10.200.10.5/24
        gateway 10.200.10.254
        bridge-ports ens192
        bridge-stp off
        bridge-fd 0

auto vmbr1
iface vmbr1 inet static
        address 10.10.10.11/24
        bridge-ports ens161
        bridge-stp off
        bridge-fd 0
#vm

auto vmbr2
iface vmbr2 inet static
        address 20.20.20.21/24
        bridge-ports ens256
        bridge-stp off
        bridge-fd 0
#sync

source /etc/network/interfaces.d/*
on vm :
1723109102238.png


1723109138656.png
Click to expand...
I use the ip range 10.10.10.x/24 that I created myself so there is no Gateway, I just want my vm to be able to ping other vms and other nodes in this range
 
What is the output of

Code: 
ip a
ip r

inside the VM?

What are you trying to ping? 10.10.10.11?
 
shanreich said:
What is the output of

Code: 
ip a
ip r

inside the VM?

What are you trying to ping? 10.10.10.11?
Click to expand...
i have 3 hosts with ip
host1: 10.10.10.11
host2: 10.10.10.12
host3: 10.10.10.13
vm on host1 10.10.10.20
I can ping between hosts but vm cannot ping other hosts
ip r
1723110838931.png
ip a
1723110847041.png
 
So it's possible to ping from 10.10.10.11 <-> 10.10.10.12 ?

How does the firewall configuration look like for the VM?
 
shanreich said:
So it's possible to ping from 10.10.10.11 <-> 10.10.10.12 ?

How does the firewall configuration look like for the VM?
Click to expand...
I can ping between hosts (10.10.10.11->10.10.10.12, vice versa) but vm cannot and I disabled firewall on vm
 
Can you run tcpdump while you're trying to ping from the VM on vmbr1 and post the output here?

Code: 
tcpdump -envi vmbr1 icmp

One request should suffice:

Code: 
ping -c1 10.10.10.12
 
The vm I created doesn't have the tcpdump command, it can't go out onto the network so I can't install the necessary packages.
 
shanreich said:
The tcpdump command is for the host
Click to expand...
This is the result returned when I run the tcpdump command
Code: 
root@node1:~# tcpdump -envi vmbr1 icmp
tcpdump: listening on vmbr1, link-type EN10MB (Ethernet), snapshot length 262144 bytes
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel
root@node1:~# tcpdump -envi vmbr1 icmp
tcpdump: listening on vmbr1, link-type EN10MB (Ethernet), snapshot length 262144 bytes
 
Did you try to ping from inside the VM during the tcpdump?
 
Can you check the fwbr then? (I assume the ID of the VM is 100, please replace it if it isn't the case).

Code: 
tcpdump -envi fwbr100i0 icmp


Can you post the output of the following commands:
Code: 
cat /etc/pve/firewall/100.fw
cat /etc/pve/firewall/cluster.fw
 
truc said:
and I disabled firewall on vm
Click to expand...
Check the firewall setting within the VM. I assume you are aware that as of CentOS 7 firewalld is used.

Can you ping from VM to the PVE host (that serves that VM)? Can you ping from PVE host & nodes in cluster TO the VM?
 
gfngfn256 said:
Check the firewall setting within the VM. I assume you are aware that as of CentOS 7 firewalld is used.

Can you ping from VM to the PVE host (that serves that VM)? Can you ping from PVE host & nodes in cluster TO the VM?
Click to expand...
VM to the PVE host (that serves that VM)
1723127499862.png

pve host to
1723127590635.png
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back