Hi, folks.
I have some really strange problems on my PVE4 cluster when I use the firewall feature for guest systems.
I use Open vSwitch to connect 3 nodes together and to route a private subnet 10.0.1.0/24 and a public failover subnet which is routed over 1 node and can be switched to any other node.
All is working fine and any guest can reach any other guest on the private or public subnet, but if I activate the firewall feature for some guest VMs, these VMs cannot be reached from each other (internal only) anymore.
External access from IP addresses outside this subnet always works.
I sometimes had the strange behavior that when I logged in to both VMs and started a ping command against each other, then after some time it worked, but this does not always work.
I assume that something with routing or ARP goes wrong, but I have no idea where I could start to search.
If I deactivate the firewall for all VMs, everything is fine.
Firewalling is a pretty good feature, so I would like to use it.
Thanks,
Oliver