Hello,
Before posting I've reviewed pretty much every thread on this topic that I could find, along with other resources that I found on the Internet, but I just can't figure out where things are going wrong, so I'm hoping to find some help here.
Environment
- 2 Nodes of PVE 8.35 running at Hetzner in two different DCs in FSN.
- 2 vSwitches created, one for node-to-node (corosync) communication (private, vlan 4001), and one for node-to-Internet communication (public, vlan 4000)
- Additional /28 subnet assigned to the public vSwitch
Data of the additional subnet (not my actual IPs, mind you):
Network: 92.100.250.160/28
Gateway: 92.100.250.161
Mask: 255.255.255.240
Broadcast: 92.100.250.175
Usable IPs: 92.100.250.162 - 92.100.250.174
Host Setup
For now I'm focusing on just one node, because I know that once I figure it out on one node I can do the same on the other node.
The first node has the following IPs allocated by Hetzner (not my actual IPs, mind you):
Host IP: 179.64.69.86/26
Gateway: 179.64.69.65
In my /etc/network/interfaces on the node I have the following:
Code:
auto vmbr0
iface vmbr0 inet static
    address 179.64.69.86/26
    gateway 179.64.69.65
    bridge_ports enp0s31f6
    bridge_stp off
    bridge_fd 0
# Proxmox host

iface enp0s31f6.4000 inet manual

auto vmbr4000
iface vmbr4000 inet manual
    bridge_ports enp0s31f6.4000
    bridge_stp off
    bridge_fd 0
    mtu 1400
# public vswitch

auto enp0s31f6.4001
iface enp0s31f6.4001 inet manual
    address 10.0.0.1
    netmask 255.255.255.0
    vlan-raw-device enp0s31f6
    mtu 1400
# private vswitch

On the second node I have a similar config (with different IPs obviously), and the private vSwitch is working fine, so both nodes can talk to each other on 10.0.0.0/24 and the cluster is formed using that link.
VM Setup
Now that this was working fine, I went about setting up a first VM on the first node.
I assigned vmbr4000 to that VM in PVE and set the MTU to 1 (which should cause it to inherit the 1400 from the underlying interface).
The /etc/network/interfaces on the VM looks like this:
Code:
auto ens18
iface ens18 inet static
    address 92.100.250.162
    gateway 92.100.250.161
    mtu 1400

ip a on the VM shows the IP address assigned and that the MTU of ens18 is indeed 1400.
Yet when I ping 1.1.1.1 from the VM, I get no response, just:
From 92.100.250.162 icmp_seq=1 Destination Host Unreachable
tcpdump -i vmbr4000 on the host shows me ARP packages arriving from the VM:
ARP, Request who-has 92.100.250.161 tell 92.100.250.162, length 28
Things I've tried
I've tried reloading interfaces, restarting both the node and the VM, but to no avail.
I've also reset the public vSwitch, deleted the servers and re-added them, also to no avail.
I've also added enp0s31f6.4001 (the private vSwitch) to the VM and assigned it an IP address from the 10.0.0.0/24 range - that worked fine, so I was able to ping both PVE nodes from inside the VM. I just don't want the VMs to be able to communicate with the nodes, so I removed that interface again.
There is no firewall active on either node, nor the VM, and I also disabled the firewall in the Robot.
At this point I'm at a loss in terms of what else I might be missing. Like I said, I've pored over so many tutorials (both from Hetzner and others), but I feel like I can't see the forest for the trees and must be missing something simple, so any help will be appreciated!