Proxmox claiming MAC address

spirit

Famous Member
Apr 2, 2010
5,686
626
133
www.odiso.com
Protei said:
I did it earlier at the data center level. Now I did as you wrote and I will test. Thanks!
Click to expand...
datacenter level only apply to hypervisors management ips, not vms, so you really need to do it at vm level.

Protei said:
And if I disable all firewalls does it help?
Click to expand...
yes, sure.. (disable firewall option on vm nic option, it'll remove the fwbrX interfaces. Disabling vm firewall in vm firewall option is not enough. )
 
  • Like
Reactions: Protei

spirit

Famous Member
Apr 2, 2010
5,686
626
133
www.odiso.com
openaspace said:
Looking for others Companies guides about proxmox networking I see that ovh official guide use the IP routed setup mode instead of bridged.

https://docs.ovh.com/gb/en/dedicated/network-bridging/
Click to expand...
ovh support both routed && bridged mode,
but bridged mode is supported with their vrack, so you have a true vxlan for you, without any bad flooding traffic from others customers.

https://docs.ovh.com/au/en/dedicated/proxmox-network-hg-scale/


(my personnal opinion: hetzner bridged mode just sucks, because they are not filtering correctly their layer2. Use routed setup with hetzner)
 

openaspace

Member
Sep 16, 2019
382
8
23
Italy
spirit said:
my personnal opinion: hetzner bridged mode just sucks, because they are not filtering correctly their layer2. Use routed setup with hetzner)
Click to expand...
that's what I've always thought about this etzner problem..

Officially also hetzner guide allow bridged mode as allowed..
 
thommie

thommie

Member
Proxmox Subscriber
Aug 19, 2019
56
7
13
My last mac spoofing complaint from hetzner was closed at 13.11. But it may come up again, I dont know ...
Maybe they changed their detection script a bit, but its hard to tell without any written reply with technical details.
 

egberts

New Member
May 1, 2021
14
1
3
62
Hetzner support should have sent a PCAP file of the offending packets. would go a lot quicker toward this problem resolution.

My advice would be to start a ‘tcpdump -i enp5s0 -w /tmp/capture.pcap‘ and let it run until the Hetzner support complains then peruse the PCAP with Wireshark for outlier packets, starting with sorting by MAC, filter out your KNOWN source MAC address, and repeat but with known source IP address(es).

For my homelab (pve-no-subscription), I find myself having to split my four Ethernet Port NIC into management IP, bridged (vmbr0) without an IP, and MACVLAN all connected to the switch.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!
Community platform by XenForo® © 2010-2022 XenForo Ltd.
Top Bottom