[SOLVED] Private linux bridge side effect

[ph0x]

Hey there!
I ran into a quirk, that I could have foreseen, but I still have to ask for input, in case I'm missing something.
I have three VMs that share vmbr0 as net0 and a private bridge (vmbr12) as net1. No other VM nor the Proxmox nodes use that bridge, and also the router does not know of the subnet that goes over it.
A few days ago I migrated one of the machines to another node thinking that the identical vmbr12 definition will make Proxmox automagically route the traffic to the correct destination. But it didn't.
It's quite obvious, how should one node know where to route the traffic on vmbr12? But since the three VMs are in HA state I have to find a solution for that.
So apart from creating a routed VLAN that my pfSense handles, what other options could there be?

Best regards

 

[aaron]

So apart from creating a routed VLAN that my pfSense handles, what other options could there be?

having a VLAN interface on your physical network and using that as bridge port of the vmbr21 should help. Your switch needs to allow that VLAN as tagged vlan on the ports where the nodes are connected. I don't see why this needs to be routed via a firewall/router.

So assuming that the physical NIC is eno1, you could create either a eno1.<vlan> interface

auto eno1.21
iface eno1.21 inet manual
#vmbr21 between nodes

or if you have ifupdown2 installed:

auto internal
iface internal inet manual
    vlan-id 21
    vlan-raw-device eno1
#vmbr21 between nodes

and use "internal" as the bridge port for vmbr21.

 

[ph0x]

Yeah, that's what I ended up doing. Thanks