I have a 1-node Proxmox environment running 8.2.4 and experiencing a weird issue where I have an EVPN SDN setup, and VM/Containers in that setup can reach out and connect to the host, but the host cannot connect back to the VMs.
EX: From a VM, I can SSH into the host and connect properly, but from the host, I cannot SSH into any VMs. When trying to go from the host to the VM the connection times out and never connects.
The following are the configs from the host
SDN Configs:
Interface Configs:
sysctl Config:
EX: From a VM, I can SSH into the host and connect properly, but from the host, I cannot SSH into any VMs. When trying to go from the host to the VM the connection times out and never connects.
The following are the configs from the host
SDN Configs:
Code:
root@pve2:~# cat /etc/pve/sdn/*
evpn: evpnctl
asn 65000
peers 10.10.0.2
subnet: evpnctl-10.6.0.0-24
vnet internal
gateway 10.6.0.254
subnet: evpnctl-10.7.0.0-24
vnet kube
gateway 10.7.0.254
vnet: internal
zone evpnctl
alias Internal VM Network
tag 16000
vnet: kube
zone evpnctl
alias Kube Network
tag 17000
evpn: evpnctl
controller evpnctl
vrf-vxlan 20000
advertise-subnets 1
exitnodes pve2
exitnodes-local-routing 1
ipam pve
mac BC:24:11:2D:68:1B
mtu 1450
nodes pve2Interface Configs:
Code:
root@pve2:~# cat /etc/network/interfaces
# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage parts of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT read its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!
auto lo
iface lo inet loopback
iface eno1 inet manual
iface eno2 inet manual
iface eno3 inet manual
iface eno4 inet manual
auto enp6s0f0
iface enp6s0f0 inet static
address 10.100.0.2/24
#CEPH Private Net
auto enp6s0f1
iface enp6s0f1 inet static
address 10.100.100.2/24
#CEPH Public Net
auto vmbr0
iface vmbr0 inet static
address 10.10.0.2/24
gateway 10.10.0.254
bridge-ports eno1
bridge-stp off
bridge-fd 0
source /etc/network/interfaces.d/*
---
root@pve2:~# cat /etc/network/interfaces.d/sdn
#version:6
auto internal
iface internal
address 10.6.0.254/24
hwaddress BC:24:11:2D:68:1B
bridge_ports vxlan_internal
bridge_stp off
bridge_fd 0
mtu 1450
alias Internal VM Network
ip-forward on
arp-accept on
vrf vrf_evpnctl
auto kube
iface kube
address 10.7.0.254/24
hwaddress BC:24:11:2D:68:1B
bridge_ports vxlan_kube
bridge_stp off
bridge_fd 0
mtu 1450
alias Kube Network
ip-forward on
arp-accept on
vrf vrf_evpnctl
auto vrf_evpnctl
iface vrf_evpnctl
vrf-table auto
post-up ip route del vrf vrf_evpnctl unreachable default metric 4278198272
auto vrfbr_evpnctl
iface vrfbr_evpnctl
bridge-ports vrfvx_evpnctl
bridge_stp off
bridge_fd 0
mtu 1450
vrf vrf_evpnctl
auto vrfvx_evpnctl
iface vrfvx_evpnctl
vxlan-id 20000
vxlan-local-tunnelip 10.10.0.2
bridge-learning off
bridge-arp-nd-suppress on
mtu 1450
auto vxlan_internal
iface vxlan_internal
vxlan-id 16000
vxlan-local-tunnelip 10.10.0.2
bridge-learning off
bridge-arp-nd-suppress on
mtu 1450
auto vxlan_kube
iface vxlan_kube
vxlan-id 17000
vxlan-local-tunnelip 10.10.0.2
bridge-learning off
bridge-arp-nd-suppress on
mtu 1450
auto xvrf_evpnctl
iface xvrf_evpnctl
link-type veth
address 10.255.255.1/30
veth-peer-name xvrfp_evpnctl
mtu 1500
auto xvrfp_evpnctl
iface xvrfp_evpnctl
link-type veth
address 10.255.255.2/30
veth-peer-name xvrf_evpnctl
vrf vrf_evpnctl
mtu 1500sysctl Config:
Code:
root@pve2:~# cat /etc/sysctl.d/30-snd.conf
net.ipv4.ip_forward=1
net.ipv6.conf.all.forwarding=1
net.ipv4.tcp_l3mdev_accept = 1
Last edited: