[SOLVED] Proxmox 7 live migration stops working if firewall enabled

bfwdd

bfwdd

Renowned Member
Proxmox Subscriber
Mar 29, 2016
22
3
68
Dresden
www.bfw-dresden.de
Hi,
as soon as i enable firewall, live migration stops working.


I have inserted on datacenter level one rule for ceph (macro) an the following:

live migration (VM memory and local-disk data): 60000-60050 (TCP)

Migration uses dedicated network (the same as corosync traffic)

/etc/pve/datacenter.cfg:
migration: insecure,network=10.39.0.0/16

Inserting the rule for live migration on host level doesn't help. What am I missing?
 
Last edited:
please provide the full migration log and firewall rules as well as network setup..
 
After some minutes I got:

2021-08-12 14:48:06 ssh: connect to host 10.39.0.6 port 22: Connection timed out 2021-08-12 14:48:06 ERROR: migration aborted (duration 00:02:09): Can't connect to destination address using public key

So I added a ssh rule and migration is working..., BUT shouldn't that be part of the wiki?
 
Last edited:
insecure migration just skips the SSH tunnel for the bulk data transfer (guest RAM/state and if needed, local disks), the control part is still over SSH.
 
You must log in or register to reply here.
Top Bottom