Proxmox Host and Clients Randomly Freeze. Have to restart the system

Zac Orehawa

New Member
Apr 27, 2018
20
0
1
20
Hello all,

I'm having some issues with my Proxmox host. Sometimes it will randomly lockup and freeze everything. The consol will still apear but won't accept any entered keys, SSH and the GUI also don't work.

I am passing through a Nivdia GT710 to a Windows 10 Client. I thought this was the issue but I have dissabled all the opensource and offical drivers on Proxmox.

I have looked in Dmesg and Syslog but nothing seems to stand out for a reason of crash.

For example this is the log from the time around the crash (in next post).


Code:
blacklist radeon
blacklist nouveau
blacklist nvidia
blacklist lbm-nouveau
options nouveau modeset=0
alias nouveau off
alias lbm-nouveau off
blacklist xpad
blacklist pcspkr
options nouveau modeset=0
options vifo-pci ids=10de:128b,10de:0e0f


What else can I look at to fix this please? It's rather annoying having the system crash every x days!! Any help is appreciated

Many Thanks,
Zac.
 

Zac Orehawa

New Member
Apr 27, 2018
20
0
1
20
Code:
Virtual Environment 5.2-5
Node 'Mercury'
Status
    
NotFound: There is no subscription key
Server ID
    
628E78B92ACD4DCE359FE10062B723F2
Logs
()

==== general system info ====

# hostname
Mercury

# pveversion --verbose
proxmox-ve: 5.2-2 (running kernel: 4.15.18-1-pve)
pve-manager: 5.2-5 (running version: 5.2-5/eb24855a)
pve-kernel-4.15: 5.2-4
pve-kernel-4.13: 5.2-2
pve-kernel-4.15.18-1-pve: 4.15.18-15
pve-kernel-4.15.17-3-pve: 4.15.17-14
pve-kernel-4.15.17-1-pve: 4.15.17-9
pve-kernel-4.15.15-1-pve: 4.15.15-6
pve-kernel-4.13.16-4-pve: 4.13.16-51
pve-kernel-4.13.16-3-pve: 4.13.16-50
pve-kernel-4.13.16-2-pve: 4.13.16-48
pve-kernel-4.13.13-2-pve: 4.13.13-33
corosync: 2.4.2-pve5
criu: 2.11.1-1~bpo90
glusterfs-client: 3.8.8-1
ksm-control-daemon: 1.2-2
libjs-extjs: 6.0.1-2
libpve-access-control: 5.0-8
libpve-apiclient-perl: 2.0-5
libpve-common-perl: 5.0-35
libpve-guest-common-perl: 2.0-17
libpve-http-server-perl: 2.0-9
libpve-storage-perl: 5.0-24
libqb0: 1.0.1-1
lvm2: 2.02.168-pve6
lxc-pve: 3.0.0-3
lxcfs: 3.0.0-1
novnc-pve: 1.0.0-1
proxmox-widget-toolkit: 1.0-19
pve-cluster: 5.0-28
pve-container: 2.0-24
pve-docs: 5.2-4
pve-firewall: 3.0-13
pve-firmware: 2.0-5
pve-ha-manager: 2.0-5
pve-i18n: 1.0-6
pve-libspice-server1: 0.12.8-3
pve-qemu-kvm: 2.11.1-5
pve-xtermjs: 1.0-5
qemu-server: 5.0-29
smartmontools: 6.5+svn4324-1
spiceterm: 3.0-5
vncterm: 1.5-3
zfsutils-linux: 0.7.9-pve1~bpo9

# cat /etc/hosts
127.0.0.1 localhost.localdomain localhost
10.0.1.1 Mercury.media.orehawa.co.uk Mercury pvelocalhost

# The following lines are desirable for IPv6 capable hosts

::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

# top -b -n 1  | head -n 15
top - 11:35:57 up 54 min,  1 user,  load average: 0.69, 0.69, 0.70
Tasks: 488 total,   1 running, 327 sleeping,   0 stopped,   0 zombie
%Cpu(s):  2.4 us,  2.5 sy,  0.0 ni, 93.8 id,  1.2 wa,  0.0 hi,  0.1 si,  0.0 st
KiB Mem : 37070268 total, 13990308 free, 20300788 used,  2779172 buff/cache
KiB Swap:  8388604 total,  8388604 free,        0 used. 16229532 avail Mem

  PID USER      PR  NI    VIRT    RES    SHR S  %CPU %MEM     TIME+ COMMAND
 4486 root      20   0 10.998g 9.778g  12076 S  55.6 27.7  17:23.93 kvm
 6616 root      20   0 9654988 8.032g   9096 S  44.4 22.7  27:14.85 kvm
25158 root      20   0   43544   3636   2812 R  11.1  0.0   0:00.04 top
    1 root      20   0   57588   7312   5276 S   0.0  0.0   0:02.65 systemd
    2 root      20   0       0      0      0 S   0.0  0.0   0:00.01 kthreadd
    4 root       0 -20       0      0      0 I   0.0  0.0   0:00.00 kworker/0:+
    7 root       0 -20       0      0      0 I   0.0  0.0   0:00.00 mm_percpu_+
    8 root      20   0       0      0      0 S   0.0  0.0   0:00.16 ksoftirqd/0

# pvesubscription get
message: There is no subscription key
serverid: 628E78B92ACD4DCE359FE10062B723F2
status: NotFound
url: http://www.proxmox.com/products/proxmox-ve/subscription-service-plans

# lscpu
Architecture:          x86_64
CPU op-mode(s):        32-bit, 64-bit
Byte Order:            Little Endian
CPU(s):                16
On-line CPU(s) list:   0-15
Thread(s) per core:    2
Core(s) per socket:    4
Socket(s):             2
NUMA node(s):          2
Vendor ID:             GenuineIntel
CPU family:            6
Model:                 44
Model name:            Intel(R) Xeon(R) CPU           E5620  @ 2.40GHz
Stepping:              2
CPU MHz:               2028.698
CPU max MHz:           2395.0000
CPU min MHz:           1596.0000
BogoMIPS:              4788.57
Virtualization:        VT-x
L1d cache:             32K
L1i cache:             32K
L2 cache:              256K
L3 cache:              12288K
NUMA node0 CPU(s):     0,2,4,6,8,10,12,14
NUMA node1 CPU(s):     1,3,5,7,9,11,13,15
Flags:                 fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid dca sse4_1 sse4_2 popcnt aes lahf_lm epb pti ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid dtherm ida arat

==== info about storage ====

# cat /etc/pve/storage.cfg
dir: local
    path /var/lib/vz
    content vztmpl,iso
    shared 0

lvmthin: local-lvm
    thinpool data
    vgname pve
    content rootdir,images

dir: backup
    path /mnt/backup
    content backup
    maxfiles 7
    shared 0


# pvesm status
Name             Type     Status           Total            Used       Available        %
backup            dir     active       960380628       582444548       329081620   60.65%
local             dir     active        69401864        14142168        51691264   20.38%
local-lvm     lvmthin     active       895700992       178871488       716829503   19.97%

# cat /etc/fstab
# <file system> <mount point> <type> <options> <dump> <pass>
/dev/pve/root / ext4 errors=remount-ro 0 1
/dev/pve/swap none swap sw 0 0
proc /proc proc defaults 0 0
UUID=7e3c1c84-1a34-4f49-981d-da9a8c1df9e7 /mnt/backup ext4 defaults,errors=remount-ro 0 1

# findmnt --ascii
TARGET                                SOURCE               FSTYPE     OPTIONS
/                                     /dev/mapper/pve-root ext4       rw,relatime,errors=remount-ro,data=ordered
|-/sys                                sysfs                sysfs      rw,nosuid,nodev,noexec,relatime
| |-/sys/kernel/security              securityfs           securityfs rw,nosuid,nodev,noexec,relatime
| |-/sys/fs/cgroup                    tmpfs                tmpfs      ro,nosuid,nodev,noexec,mode=755
| | |-/sys/fs/cgroup/systemd          cgroup               cgroup     rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd
| | |-/sys/fs/cgroup/hugetlb          cgroup               cgroup     rw,nosuid,nodev,noexec,relatime,hugetlb
| | |-/sys/fs/cgroup/cpu,cpuacct      cgroup               cgroup     rw,nosuid,nodev,noexec,relatime,cpu,cpuacct
| | |-/sys/fs/cgroup/rdma             cgroup               cgroup     rw,nosuid,nodev,noexec,relatime,rdma
| | |-/sys/fs/cgroup/freezer          cgroup               cgroup     rw,nosuid,nodev,noexec,relatime,freezer
| | |-/sys/fs/cgroup/pids             cgroup               cgroup     rw,nosuid,nodev,noexec,relatime,pids
| | |-/sys/fs/cgroup/net_cls,net_prio cgroup               cgroup     rw,nosuid,nodev,noexec,relatime,net_cls,net_prio
| | |-/sys/fs/cgroup/cpuset           cgroup               cgroup     rw,nosuid,nodev,noexec,relatime,cpuset
| | |-/sys/fs/cgroup/devices          cgroup               cgroup     rw,nosuid,nodev,noexec,relatime,devices
| | |-/sys/fs/cgroup/blkio            cgroup               cgroup     rw,nosuid,nodev,noexec,relatime,blkio
| | |-/sys/fs/cgroup/perf_event       cgroup               cgroup     rw,nosuid,nodev,noexec,relatime,perf_event
| | `-/sys/fs/cgroup/memory           cgroup               cgroup     rw,nosuid,nodev,noexec,relatime,memory
| |-/sys/fs/pstore                    pstore               pstore     rw,nosuid,nodev,noexec,relatime
| |-/sys/kernel/debug                 debugfs              debugfs    rw,relatime
| |-/sys/fs/fuse/connections          fusectl              fusectl    rw,relatime
| `-/sys/kernel/config                configfs             configfs   rw,relatime
|-/proc                               proc                 proc       rw,relatime
| `-/proc/sys/fs/binfmt_misc          systemd-1            autofs     rw,relatime,fd=40,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=517
|-/dev                                udev                 devtmpfs   rw,nosuid,relatime,size=18481104k,nr_inodes=4620276,mode=755
| |-/dev/pts                          devpts               devpts     rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000
| |-/dev/shm                          tmpfs                tmpfs      rw,nosuid,nodev
| |-/dev/hugepages                    hugetlbfs            hugetlbfs  rw,relatime,pagesize=2M
| `-/dev/mqueue                       mqueue               mqueue     rw,relatime
|-/run                                tmpfs                tmpfs      rw,nosuid,noexec,relatime,size=3707028k,mode=755
| |-/run/lock                         tmpfs                tmpfs      rw,nosuid,nodev,noexec,relatime,size=5120k
| |-/run/rpc_pipefs                   sunrpc               rpc_pipefs rw,relatime
| `-/run/user/0                       tmpfs                tmpfs      rw,nosuid,nodev,relatime,size=3707024k,mode=700
|-/mnt/backup                         /dev/sdd1            ext4       rw,relatime,errors=remount-ro,data=ordered
|-/var/lib/lxcfs                      lxcfs                fuse.lxcfs rw,nosuid,nodev,relatime,user_id=0,group_id=0,allow_other
`-/etc/pve                            /dev/fuse            fuse       rw,nosuid,nodev,relatime,user_id=0,group_id=0,default_permissions,allow_other

# df --human
Filesystem            Size  Used Avail Use% Mounted on
udev                   18G     0   18G   0% /dev
tmpfs                 3.6G  9.4M  3.6G   1% /run
/dev/mapper/pve-root   67G   14G   50G  22% /
tmpfs                  18G   28M   18G   1% /dev/shm
tmpfs                 5.0M     0  5.0M   0% /run/lock
tmpfs                  18G     0   18G   0% /sys/fs/cgroup
/dev/sdd1             916G  556G  314G  64% /mnt/backup
/dev/fuse              30M   24K   30M   1% /etc/pve
tmpfs                 3.6G     0  3.6G   0% /run/user/0

==== info about virtual guests ====

# qm list
      VMID NAME                 STATUS     MEM(MB)    BOOTDISK(GB) PID       
       103 Media                running    10240            100.00 4486     
       108 Honeypot             stopped    5120              64.00 0         
       109 Windows10            running    8192             100.00 6616     

# cat /etc/pve/qemu-server/109.conf
agent: 1
balloon: 0
bios: ovmf
boot: cd
bootdisk: virtio0
cores: 8
cpu: host
hostpci0: 02:00,x-vga=on,pcie=1
machine: q35
memory: 8192
name: Windows10
net0: virtio=D2:B6:EA:78:55:25,bridge=vmbr1
numa: 0
onboot: 1
ostype: win10
scsihw: virtio-scsi-pci
smbios1: uuid=adef74e2-c9d6-4b8f-bf06-803f42b1e43a
sockets: 1
tablet: 0
usb0: host=046d:c52e
usb1: host=045e:028e
virtio0: local-lvm:vm-109-disk-1,cache=writeback,size=100G
virtio1: /dev/disk/by-id/scsi-3600605b002a93e7022d76b5013d9678a,backup=0,cache=writeback,replicate=0,size=475883M


# cat /etc/pve/qemu-server/103.conf
#Media Server
agent: 1
boot: cdn
bootdisk: virtio0
cores: 4
hotplug: disk,network,usb
memory: 10240
name: Media
net0: virtio=32:CA:13:F0:6C:3D,bridge=vmbr1
numa: 0
onboot: 1
ostype: win7
scsihw: virtio-scsi-pci
smbios1: uuid=966bda02-5bda-4478-b3f2-c83c63e7880d
sockets: 2
usb0: host=04f9:0054
virtio0: local-lvm:vm-103-disk-1,size=100G
virtio2: /dev/disk/by-id/ata-ST3000DM001-9YN166_Z1F0A41M,backup=0,cache=writethrough,replicate=0,size=2930266584K


# cat /etc/pve/qemu-server/108.conf
#https%3A//media.orehawa.co.uk%3A64297
#
#T-Pot HoneyPot
#
#DMZ
agent: 1
bootdisk: virtio0
cores: 4
ide2: none,media=cdrom
memory: 5120
name: Honeypot
net0: virtio=A6:E4:F6:2C:58:C0,bridge=vmbr0,firewall=1
numa: 0
ostype: l26
scsihw: virtio-scsi-pci
smbios1: uuid=3eee3cc0-9eed-4483-8f39-1a13c7062435
sockets: 1
startup: order=10
virtio0: local-lvm:vm-108-disk-1,size=64G


# pct list
VMID       Status     Lock         Name               
100        running                 PiHole             
101        running                 Nginx               
102        running                 Game               
104        running                 AptCacher           
105        running                 Organizr           
106        stopped                 Grafana             
107        running                 SSHGateway         
110        running                 OpenVpn             
111        stopped                 Python             

# cat /etc/pve/lxc/100.conf
#PiHole
#DHCP
arch: amd64
cores: 2
hostname: PiHole
memory: 2048
net0: name=eth0,bridge=vmbr0,gw=10.0.0.1,hwaddr=C2:BE:E7:62:8E:68,ip=10.0.1.2/23,type=veth
onboot: 1
ostype: ubuntu
rootfs: local-lvm:vm-100-disk-1,size=8G
startup: order=2
swap: 2048


# cat /etc/pve/lxc/101.conf
#Nginx
#OpenVPN
arch: amd64
cores: 2
hostname: Nginx
memory: 2048
net0: name=eth0,bridge=vmbr1,gw=10.0.0.1,hwaddr=AE:0B:FE:D9:09:DA,ip=10.0.1.4/23,type=veth
onboot: 1
ostype: ubuntu
rootfs: local-lvm:vm-101-disk-1,size=8G
startup: order=1
swap: 2048
lxc.cgroup.devices.allow: c 10:200 rwm


# cat /etc/pve/lxc/102.conf
#TeamSpeak
#Minecraft
arch: amd64
cores: 8
hostname: Game
memory: 10240
net0: name=eth0,bridge=vmbr0,gw=10.0.0.1,hwaddr=A6:86:2E:79:63:F4,ip=10.0.1.5/23,type=veth
onboot: 1
ostype: ubuntu
rootfs: local-lvm:vm-102-disk-1,size=20G
swap: 10240


# cat /etc/pve/lxc/110.conf
#OpenVPN Server UDP port 123
arch: amd64
cores: 2
hostname: OpenVpn
memory: 1024
net0: name=eth0,bridge=vmbr0,gw=10.0.0.1,hwaddr=5E:8C:18:7B:D6:E0,ip=10.0.1.10/23,type=veth
onboot: 1
ostype: ubuntu
rootfs: local-lvm:vm-110-disk-1,size=8G
swap: 1024
lxc.cgroup.devices.allow: c 10:200 rwm


# cat /etc/pve/lxc/104.conf
#Apt-get Cacher
arch: amd64
cores: 2
hostname: AptCacher
memory: 1024
net0: name=eth0,bridge=vmbr0,gw=10.0.0.1,hwaddr=22:29:C1:2D:AF:29,ip=10.0.1.6/23,type=veth
onboot: 1
ostype: ubuntu
rootfs: local-lvm:vm-104-disk-1,size=10G
swap: 1024


# cat /etc/pve/lxc/105.conf
#Organizr Dashboard
arch: amd64
cores: 1
hostname: Organizr
memory: 1024
net0: name=eth0,bridge=vmbr0,gw=10.0.0.1,hwaddr=DE:A2:1C:CD:DA:F3,ip=10.0.1.7/23,type=veth
onboot: 1
ostype: ubuntu
rootfs: local-lvm:vm-105-disk-1,size=8G
swap: 1024


# cat /etc/pve/lxc/106.conf
#Server metrics
arch: amd64
cores: 1
hostname: Grafana
memory: 1024
net0: name=eth0,bridge=vmbr0,gw=10.0.0.1,hwaddr=FA:E2:E5:8B:9C:DC,ip=10.0.1.8/23,type=veth
onboot: 0
ostype: ubuntu
rootfs: local-lvm:vm-106-disk-1,size=8G
swap: 1024


# cat /etc/pve/lxc/107.conf
#SSH Box
arch: amd64
cores: 1
hostname: SSHGateway
memory: 512
net0: name=eth0,bridge=vmbr0,gw=10.0.0.1,hwaddr=FE:C3:7F:E9:B6:20,ip=10.0.1.9/23,type=veth
onboot: 1
ostype: ubuntu
rootfs: local-lvm:vm-107-disk-1,size=5G
swap: 512


# cat /etc/pve/lxc/111.conf
arch: amd64
cores: 4
hostname: Python
memory: 2048
net0: name=eth0,bridge=vmbr0,gw=10.0.0.1,hwaddr=6A:3A:D8:8C:1D:50,ip=10.0.1.12/23,type=veth
ostype: ubuntu
rootfs: local-lvm:vm-111-disk-1,size=8G
swap: 512
 

Zac Orehawa

New Member
Apr 27, 2018
20
0
1
20
Code:
==== info about network ====

# ip -details -statistics address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 promiscuity 0 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
    RX: bytes  packets  errors  dropped overrun mcast   
    1805967    4936     0       0       0       0       
    TX: bytes  packets  errors  dropped carrier collsns
    1805967    4936     0       0       0       0       
2: enp1s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master vmbr0 state UP group default qlen 1000
    link/ether 00:15:17:e6:a2:e4 brd ff:ff:ff:ff:ff:ff promiscuity 1
    bridge_slave state forwarding priority 32 cost 4 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x8001 port_no 0x1 designated_port 32769 designated_cost 0 designated_bridge 8000.0:15:17:e6:a2:e4 designated_root 8000.0:15:17:e6:a2:e4 hold_timer    0.00 message_age_timer    0.00 forward_delay_timer    0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fast_leave off mcast_flood on neigh_suppress off group_fwd_mask 0x0 group_fwd_mask_str 0x0 vlan_tunnel off numtxqueues 16 numrxqueues 16 gso_max_size 65536 gso_max_segs 65535
    RX: bytes  packets  errors  dropped overrun mcast   
    4306535    12614    0       0       0       8383   
    TX: bytes  packets  errors  dropped carrier collsns
    979537     3590     0       0       0       0       
3: enp1s0f1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master vmbr1 state UP group default qlen 1000
    link/ether 00:15:17:e6:a2:e5 brd ff:ff:ff:ff:ff:ff promiscuity 1
    bridge_slave state forwarding priority 32 cost 4 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x8001 port_no 0x1 designated_port 32769 designated_cost 0 designated_bridge 8000.0:15:17:e6:a2:e5 designated_root 8000.0:15:17:e6:a2:e5 hold_timer    0.00 message_age_timer    0.00 forward_delay_timer    0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fast_leave off mcast_flood on neigh_suppress off group_fwd_mask 0x0 group_fwd_mask_str 0x0 vlan_tunnel off numtxqueues 16 numrxqueues 16 gso_max_size 65536 gso_max_segs 65535
    RX: bytes  packets  errors  dropped overrun mcast   
    29585092   45395    0       0       0       3678   
    TX: bytes  packets  errors  dropped carrier collsns
    22385145   39617    0       0       0       0       
4: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:15:17:e6:a2:e4 brd ff:ff:ff:ff:ff:ff promiscuity 0
    bridge forward_delay 0 hello_time 200 max_age 2000 ageing_time 30000 stp_state 0 priority 32768 vlan_filtering 0 vlan_protocol 802.1Q bridge_id 8000.0:15:17:e6:a2:e4 designated_root 8000.0:15:17:e6:a2:e4 root_port 0 root_path_cost 0 topology_change 0 topology_change_detected 0 hello_timer    0.00 tcn_timer    0.00 topology_change_timer    0.00 gc_timer   46.09 vlan_default_pvid 1 vlan_stats_enabled 0 group_fwd_mask 0 group_address 01:80:c2:00:00:00 mcast_snooping 1 mcast_router 1 mcast_query_use_ifaddr 0 mcast_querier 0 mcast_hash_elasticity 4 mcast_hash_max 512 mcast_last_member_count 2 mcast_startup_query_count 2 mcast_last_member_interval 100 mcast_membership_interval 26000 mcast_querier_interval 25500 mcast_query_interval 12500 mcast_query_response_interval 1000 mcast_startup_query_interval 3124 mcast_stats_enabled 0 mcast_igmp_version 2 mcast_mld_version 1 nf_call_iptables 0 nf_call_ip6tables 0 nf_call_arptables 0 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
    inet 10.0.1.1/23 brd 10.0.1.255 scope global vmbr0
       valid_lft forever preferred_lft forever
    inet6 fe80::215:17ff:fee6:a2e4/64 scope link
       valid_lft forever preferred_lft forever
    RX: bytes  packets  errors  dropped overrun mcast   
    1718179    6412     0       0       0       0       
    TX: bytes  packets  errors  dropped carrier collsns
    839668     2140     0       0       0       0       
5: vmbr1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:15:17:e6:a2:e5 brd ff:ff:ff:ff:ff:ff promiscuity 0
    bridge forward_delay 0 hello_time 200 max_age 2000 ageing_time 30000 stp_state 0 priority 32768 vlan_filtering 0 vlan_protocol 802.1Q bridge_id 8000.0:15:17:e6:a2:e5 designated_root 8000.0:15:17:e6:a2:e5 root_port 0 root_path_cost 0 topology_change 0 topology_change_detected 0 hello_timer    0.00 tcn_timer    0.00 topology_change_timer    0.00 gc_timer  114.41 vlan_default_pvid 1 vlan_stats_enabled 0 group_fwd_mask 0 group_address 01:80:c2:00:00:00 mcast_snooping 1 mcast_router 1 mcast_query_use_ifaddr 0 mcast_querier 0 mcast_hash_elasticity 4 mcast_hash_max 512 mcast_last_member_count 2 mcast_startup_query_count 2 mcast_last_member_interval 100 mcast_membership_interval 26000 mcast_querier_interval 25500 mcast_query_interval 12500 mcast_query_response_interval 1000 mcast_startup_query_interval 3124 mcast_stats_enabled 0 mcast_igmp_version 2 mcast_mld_version 1 nf_call_iptables 0 nf_call_ip6tables 0 nf_call_arptables 0 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
    inet 10.0.0.50/23 brd 10.0.1.255 scope global vmbr1
       valid_lft forever preferred_lft forever
    inet6 fe80::215:17ff:fee6:a2e5/64 scope link
       valid_lft forever preferred_lft forever
    RX: bytes  packets  errors  dropped overrun mcast   
    937914     5724     0       0       0       0       
    TX: bytes  packets  errors  dropped carrier collsns
    684        10       0       0       0       0       
7: veth101i0@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr1 state UP group default qlen 1000
    link/ether fe:81:75:5e:f8:3a brd ff:ff:ff:ff:ff:ff link-netnsid 0 promiscuity 1
    veth
    bridge_slave state forwarding priority 32 cost 2 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x8002 port_no 0x2 designated_port 32770 designated_cost 0 designated_bridge 8000.0:15:17:e6:a2:e5 designated_root 8000.0:15:17:e6:a2:e5 hold_timer    0.00 message_age_timer    0.00 forward_delay_timer    0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fast_leave off mcast_flood on neigh_suppress off group_fwd_mask 0x0 group_fwd_mask_str 0x0 vlan_tunnel off numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
    RX: bytes  packets  errors  dropped overrun mcast   
    16066793   10667    0       0       0       0       
    TX: bytes  packets  errors  dropped carrier collsns
    12652741   15744    0       0       0       0       
9: veth100i0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0 state UP group default qlen 1000
    link/ether fe:44:39:b9:55:77 brd ff:ff:ff:ff:ff:ff link-netnsid 1 promiscuity 1
    veth
    bridge_slave state forwarding priority 32 cost 2 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x8002 port_no 0x2 designated_port 32770 designated_cost 0 designated_bridge 8000.0:15:17:e6:a2:e4 designated_root 8000.0:15:17:e6:a2:e4 hold_timer    0.00 message_age_timer    0.00 forward_delay_timer    0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fast_leave off mcast_flood on neigh_suppress off group_fwd_mask 0x0 group_fwd_mask_str 0x0 vlan_tunnel off numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
    RX: bytes  packets  errors  dropped overrun mcast   
    114483     1080     0       0       0       0       
    TX: bytes  packets  errors  dropped carrier collsns
    1323817    6492     0       0       0       0       
11: veth102i0@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0 state UP group default qlen 1000
    link/ether fe:57:15:ea:ee:3f brd ff:ff:ff:ff:ff:ff link-netnsid 2 promiscuity 1
    veth
    bridge_slave state forwarding priority 32 cost 2 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x8003 port_no 0x3 designated_port 32771 designated_cost 0 designated_bridge 8000.0:15:17:e6:a2:e4 designated_root 8000.0:15:17:e6:a2:e4 hold_timer    0.00 message_age_timer    0.00 forward_delay_timer    0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fast_leave off mcast_flood on neigh_suppress off group_fwd_mask 0x0 group_fwd_mask_str 0x0 vlan_tunnel off numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
    RX: bytes  packets  errors  dropped overrun mcast   
    3918       52       0       0       0       0       
    TX: bytes  packets  errors  dropped carrier collsns
    936250     5446     0       0       0       0       
12: tap103i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master vmbr1 state UNKNOWN group default qlen 1000
    link/ether 26:3e:df:7f:79:1d brd ff:ff:ff:ff:ff:ff promiscuity 2
    tun
    bridge_slave state forwarding priority 32 cost 100 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x8003 port_no 0x3 designated_port 32771 designated_cost 0 designated_bridge 8000.0:15:17:e6:a2:e5 designated_root 8000.0:15:17:e6:a2:e5 hold_timer    0.00 message_age_timer    0.00 forward_delay_timer    0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fast_leave off mcast_flood on neigh_suppress off group_fwd_mask 0x0 group_fwd_mask_str 0x0 vlan_tunnel off numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
    RX: bytes  packets  errors  dropped overrun mcast   
    17122952   27669    0       0       0       0       
    TX: bytes  packets  errors  dropped carrier collsns
    28911105   39222    0       0       0       0       
14: veth104i0@if13: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0 state UP group default qlen 1000
    link/ether fe:9f:c7:a5:c7:76 brd ff:ff:ff:ff:ff:ff link-netnsid 3 promiscuity 1
    veth
    bridge_slave state forwarding priority 32 cost 2 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x8004 port_no 0x4 designated_port 32772 designated_cost 0 designated_bridge 8000.0:15:17:e6:a2:e4 designated_root 8000.0:15:17:e6:a2:e4 hold_timer    0.00 message_age_timer    0.00 forward_delay_timer    0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fast_leave off mcast_flood on neigh_suppress off group_fwd_mask 0x0 group_fwd_mask_str 0x0 vlan_tunnel off numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
    RX: bytes  packets  errors  dropped overrun mcast   
    516        6        0       0       0       0       
    TX: bytes  packets  errors  dropped carrier collsns
    883390     5203     0       0       0       0       
16: veth105i0@if15: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0 state UP group default qlen 1000
    link/ether fe:65:b2:cc:7a:b6 brd ff:ff:ff:ff:ff:ff link-netnsid 4 promiscuity 1
    veth
    bridge_slave state forwarding priority 32 cost 2 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x8005 port_no 0x5 designated_port 32773 designated_cost 0 designated_bridge 8000.0:15:17:e6:a2:e4 designated_root 8000.0:15:17:e6:a2:e4 hold_timer    0.00 message_age_timer    0.00 forward_delay_timer    0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fast_leave off mcast_flood on neigh_suppress off group_fwd_mask 0x0 group_fwd_mask_str 0x0 vlan_tunnel off numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
    RX: bytes  packets  errors  dropped overrun mcast   
    516        6        0       0       0       0       
    TX: bytes  packets  errors  dropped carrier collsns
    842863     4926     0       0       0       0       
18: veth107i0@if17: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0 state UP group default qlen 1000
    link/ether fe:e9:26:9c:34:2b brd ff:ff:ff:ff:ff:ff link-netnsid 5 promiscuity 1
    veth
    bridge_slave state forwarding priority 32 cost 2 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x8006 port_no 0x6 designated_port 32774 designated_cost 0 designated_bridge 8000.0:15:17:e6:a2:e4 designated_root 8000.0:15:17:e6:a2:e4 hold_timer    0.00 message_age_timer    0.00 forward_delay_timer    0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fast_leave off mcast_flood on neigh_suppress off group_fwd_mask 0x0 group_fwd_mask_str 0x0 vlan_tunnel off numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
    RX: bytes  packets  errors  dropped overrun mcast   
    516        6        0       0       0       0       
    TX: bytes  packets  errors  dropped carrier collsns
    819669     4759     0       0       0       0       
19: tap109i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master vmbr1 state UNKNOWN group default qlen 1000
    link/ether 0e:3d:72:a9:86:ae brd ff:ff:ff:ff:ff:ff promiscuity 2
    tun
    bridge_slave state forwarding priority 32 cost 100 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x8004 port_no 0x4 designated_port 32772 designated_cost 0 designated_bridge 8000.0:15:17:e6:a2:e5 designated_root 8000.0:15:17:e6:a2:e5 hold_timer    0.00 message_age_timer    0.00 forward_delay_timer    0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fast_leave off mcast_flood on neigh_suppress off group_fwd_mask 0x0 group_fwd_mask_str 0x0 vlan_tunnel off numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
    RX: bytes  packets  errors  dropped overrun mcast   
    81388      394      0       0       0       0       
    TX: bytes  packets  errors  dropped carrier collsns
    2898997    9700     0       0       0       0       
21: veth110i0@if20: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0 state UP group default qlen 1000
    link/ether fe:fd:c2:4c:be:9d brd ff:ff:ff:ff:ff:ff link-netnsid 6 promiscuity 1
    veth
    bridge_slave state forwarding priority 32 cost 2 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x8007 port_no 0x7 designated_port 32775 designated_cost 0 designated_bridge 8000.0:15:17:e6:a2:e4 designated_root 8000.0:15:17:e6:a2:e4 hold_timer    0.00 message_age_timer    0.00 forward_delay_timer    0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fast_leave off mcast_flood on neigh_suppress off group_fwd_mask 0x0 group_fwd_mask_str 0x0 vlan_tunnel off numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
    RX: bytes  packets  errors  dropped overrun mcast   
    516        6        0       0       0       0       
    TX: bytes  packets  errors  dropped carrier collsns
    787805     4551     0       0       0       0       

# cat /etc/network/interfaces
# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage part of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!

auto lo
iface lo inet loopback

iface enp1s0f0 inet manual

iface enp1s0f1 inet manual

auto vmbr0
iface vmbr0 inet static
    address  10.0.1.1
    netmask  255.255.254.0
    gateway  10.0.0.1
    bridge_ports enp1s0f0
    bridge_stp off
    bridge_fd 0

auto vmbr1
iface vmbr1 inet static
    address  10.0.0.50
    netmask  255.255.254.0
    bridge_ports enp1s0f1
    bridge_stp off
    bridge_fd 0
 

Zac Orehawa

New Member
Apr 27, 2018
20
0
1
20
Code:
==== info about firewall ====

# cat /etc/pve/firewall/108.fw
[OPTIONS]

log_level_in: nolog
log_level_out: nolog
macfilter: 1
enable: 1
ipfilter: 0
policy_in: ACCEPT
policy_out: ACCEPT
dhcp: 1

[RULES]

IN REJECT -i net0 -source 10.0.0.0/16 # Block LAN
OUT REJECT -i net0 -dest 10.0.0.0/16 # Block LAN



# cat /etc/pve/firewall/cluster.fw
[OPTIONS]

policy_in: ACCEPT
enable: 1



# iptables-save
# Generated by iptables-save v1.6.0 on Wed Jul 18 11:36:02 2018
*nat
:PREROUTING ACCEPT [4454:721685]
:INPUT ACCEPT [2172:438182]
:OUTPUT ACCEPT [4807:3048706]
:POSTROUTING ACCEPT [15957:5098691]
COMMIT
# Completed on Wed Jul 18 11:36:02 2018
# Generated by iptables-save v1.6.0 on Wed Jul 18 11:36:02 2018
*filter
:INPUT ACCEPT [2680:516638]
:FORWARD ACCEPT [31618:9140272]
:OUTPUT ACCEPT [4822:3063898]
:PVEFW-Drop - [0:0]
:PVEFW-DropBroadcast - [0:0]
:PVEFW-FORWARD - [0:0]
:PVEFW-FWBR-IN - [0:0]
:PVEFW-FWBR-OUT - [0:0]
:PVEFW-HOST-IN - [0:0]
:PVEFW-HOST-OUT - [0:0]
:PVEFW-INPUT - [0:0]
:PVEFW-OUTPUT - [0:0]
:PVEFW-Reject - [0:0]
:PVEFW-SET-ACCEPT-MARK - [0:0]
:PVEFW-logflags - [0:0]
:PVEFW-reject - [0:0]
:PVEFW-smurflog - [0:0]
:PVEFW-smurfs - [0:0]
:PVEFW-tcpflags - [0:0]
:tap108i0-IN - [0:0]
:tap108i0-OUT - [0:0]
-A INPUT -j PVEFW-INPUT
-A FORWARD -j PVEFW-FORWARD
-A OUTPUT -j PVEFW-OUTPUT
-A PVEFW-Drop -p tcp -m tcp --dport 43 -j PVEFW-reject
-A PVEFW-Drop -j PVEFW-DropBroadcast
-A PVEFW-Drop -p icmp -m icmp --icmp-type 3/4 -j ACCEPT
-A PVEFW-Drop -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A PVEFW-Drop -m conntrack --ctstate INVALID -j DROP
-A PVEFW-Drop -p udp -m multiport --dports 135,445 -j DROP
-A PVEFW-Drop -p udp -m udp --dport 137:139 -j DROP
-A PVEFW-Drop -p udp -m udp --sport 137 --dport 1024:65535 -j DROP
-A PVEFW-Drop -p tcp -m multiport --dports 135,139,445 -j DROP
-A PVEFW-Drop -p udp -m udp --dport 1900 -j DROP
-A PVEFW-Drop -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
-A PVEFW-Drop -p udp -m udp --sport 53 -j DROP
-A PVEFW-Drop -m comment --comment "PVESIG:WDy2wbFe7jNYEyoO3QhUELZ4mIQ"
-A PVEFW-DropBroadcast -m addrtype --dst-type BROADCAST -j DROP
-A PVEFW-DropBroadcast -m addrtype --dst-type MULTICAST -j DROP
-A PVEFW-DropBroadcast -m addrtype --dst-type ANYCAST -j DROP
-A PVEFW-DropBroadcast -d 224.0.0.0/4 -j DROP
-A PVEFW-DropBroadcast -m comment --comment "PVESIG:NyjHNAtFbkH7WGLamPpdVnxHy4w"
-A PVEFW-FORWARD -m conntrack --ctstate INVALID -j DROP
-A PVEFW-FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A PVEFW-FORWARD -m physdev --physdev-in fwln+ --physdev-is-bridged -j PVEFW-FWBR-IN
-A PVEFW-FORWARD -m physdev --physdev-out fwln+ --physdev-is-bridged -j PVEFW-FWBR-OUT
-A PVEFW-FORWARD -m comment --comment "PVESIG:qnNexOcGa+y+jebd4dAUqFSp5nw"
-A PVEFW-FWBR-IN -m conntrack --ctstate INVALID,NEW -j PVEFW-smurfs
-A PVEFW-FWBR-IN -m physdev --physdev-out tap108i0 --physdev-is-bridged -j tap108i0-IN
-A PVEFW-FWBR-IN -m comment --comment "PVESIG:5/HVDdNnLQyUHgEfJCYCNW7IYnE"
-A PVEFW-FWBR-OUT -m physdev --physdev-in tap108i0 --physdev-is-bridged -j tap108i0-OUT
-A PVEFW-FWBR-OUT -m comment --comment "PVESIG:VhOHSdcEZb7qD6KaSnU98/hHf10"
-A PVEFW-HOST-IN -i lo -j ACCEPT
-A PVEFW-HOST-IN -m conntrack --ctstate INVALID -j DROP
-A PVEFW-HOST-IN -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A PVEFW-HOST-IN -m conntrack --ctstate INVALID,NEW -j PVEFW-smurfs
-A PVEFW-HOST-IN -p igmp -j RETURN
-A PVEFW-HOST-IN -p tcp -m set --match-set PVEFW-0-management-v4 src -m tcp --dport 8006 -j RETURN
-A PVEFW-HOST-IN -p tcp -m set --match-set PVEFW-0-management-v4 src -m tcp --dport 5900:5999 -j RETURN
-A PVEFW-HOST-IN -p tcp -m set --match-set PVEFW-0-management-v4 src -m tcp --dport 3128 -j RETURN
-A PVEFW-HOST-IN -p tcp -m set --match-set PVEFW-0-management-v4 src -m tcp --dport 22 -j RETURN
-A PVEFW-HOST-IN -s 10.0.0.0/23 -d 10.0.0.0/23 -p udp -m udp --dport 5404:5405 -j RETURN
-A PVEFW-HOST-IN -s 10.0.0.0/23 -p udp -m addrtype --dst-type MULTICAST -m udp --dport 5404:5405 -j RETURN
-A PVEFW-HOST-IN -j RETURN
-A PVEFW-HOST-IN -m comment --comment "PVESIG:7bv1E9+1q3CtgZ6KVnLBrjFNhTY"
-A PVEFW-HOST-OUT -o lo -j ACCEPT
-A PVEFW-HOST-OUT -m conntrack --ctstate INVALID -j DROP
-A PVEFW-HOST-OUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A PVEFW-HOST-OUT -p igmp -j RETURN
-A PVEFW-HOST-OUT -d 10.0.0.0/23 -p tcp -m tcp --dport 8006 -j RETURN
-A PVEFW-HOST-OUT -d 10.0.0.0/23 -p tcp -m tcp --dport 22 -j RETURN
-A PVEFW-HOST-OUT -d 10.0.0.0/23 -p tcp -m tcp --dport 5900:5999 -j RETURN
-A PVEFW-HOST-OUT -d 10.0.0.0/23 -p tcp -m tcp --dport 3128 -j RETURN
-A PVEFW-HOST-OUT -d 10.0.0.0/23 -p udp -m udp --dport 5404:5405 -j RETURN
-A PVEFW-HOST-OUT -p udp -m addrtype --dst-type MULTICAST -m udp --dport 5404:5405 -j RETURN
-A PVEFW-HOST-OUT -j RETURN
-A PVEFW-HOST-OUT -m comment --comment "PVESIG:V9ZrZYa+2WgcdQ83wSE8XpAcHqQ"
-A PVEFW-INPUT -j PVEFW-HOST-IN
-A PVEFW-INPUT -m comment --comment "PVESIG:+5iMmLaxKXynOB/+5xibfx7WhFk"
-A PVEFW-OUTPUT -j PVEFW-HOST-OUT
-A PVEFW-OUTPUT -m comment --comment "PVESIG:LjHoZeSSiWAG3+2ZAyL/xuEehd0"
-A PVEFW-Reject -p tcp -m tcp --dport 43 -j PVEFW-reject
-A PVEFW-Reject -j PVEFW-DropBroadcast
-A PVEFW-Reject -p icmp -m icmp --icmp-type 3/4 -j ACCEPT
-A PVEFW-Reject -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A PVEFW-Reject -m conntrack --ctstate INVALID -j DROP
-A PVEFW-Reject -p udp -m multiport --dports 135,445 -j PVEFW-reject
-A PVEFW-Reject -p udp -m udp --dport 137:139 -j PVEFW-reject
-A PVEFW-Reject -p udp -m udp --sport 137 --dport 1024:65535 -j PVEFW-reject
-A PVEFW-Reject -p tcp -m multiport --dports 135,139,445 -j PVEFW-reject
-A PVEFW-Reject -p udp -m udp --dport 1900 -j DROP
-A PVEFW-Reject -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
-A PVEFW-Reject -p udp -m udp --sport 53 -j DROP
-A PVEFW-Reject -m comment --comment "PVESIG:CZJnIN6rAdpu+ej59QPr9+laMUo"
-A PVEFW-SET-ACCEPT-MARK -j MARK --set-xmark 0x80000000/0x80000000
-A PVEFW-SET-ACCEPT-MARK -m comment --comment "PVESIG:Hg/OIgIwJChBUcWU8Xnjhdd2jUY"
-A PVEFW-logflags -j DROP
-A PVEFW-logflags -m comment --comment "PVESIG:MN4PH1oPZeABMuWr64RrygPfW7A"
-A PVEFW-reject -m addrtype --dst-type BROADCAST -j DROP
-A PVEFW-reject -s 224.0.0.0/4 -j DROP
-A PVEFW-reject -p icmp -j DROP
-A PVEFW-reject -p tcp -j REJECT --reject-with tcp-reset
-A PVEFW-reject -p udp -j REJECT --reject-with icmp-port-unreachable
-A PVEFW-reject -p icmp -j REJECT --reject-with icmp-host-unreachable
-A PVEFW-reject -j REJECT --reject-with icmp-host-prohibited
-A PVEFW-reject -m comment --comment "PVESIG:Jlkrtle1mDdtxDeI9QaDSL++Npc"
-A PVEFW-smurflog -j DROP
-A PVEFW-smurflog -m comment --comment "PVESIG:2gfT1VMkfr0JL6OccRXTGXo+1qk"
-A PVEFW-smurfs -s 0.0.0.0/32 -j RETURN
-A PVEFW-smurfs -m addrtype --src-type BROADCAST -g PVEFW-smurflog
-A PVEFW-smurfs -s 224.0.0.0/4 -g PVEFW-smurflog
-A PVEFW-smurfs -m comment --comment "PVESIG:HssVe5QCBXd5mc9kC88749+7fag"
-A PVEFW-tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -g PVEFW-logflags
-A PVEFW-tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -g PVEFW-logflags
-A PVEFW-tcpflags -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -g PVEFW-logflags
-A PVEFW-tcpflags -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -g PVEFW-logflags
-A PVEFW-tcpflags -p tcp -m tcp --sport 0 --tcp-flags FIN,SYN,RST,ACK SYN -g PVEFW-logflags
-A PVEFW-tcpflags -m comment --comment "PVESIG:CMFojwNPqllyqD67NeI5m+bP5mo"
-A tap108i0-IN -p udp -m udp --sport 67 --dport 68 -j ACCEPT
-A tap108i0-IN -s 10.0.0.0/16 -j PVEFW-reject
-A tap108i0-IN -j ACCEPT
-A tap108i0-IN -m comment --comment "PVESIG:xV5hc5wYS8fruganWgZ9++JBUNU"
-A tap108i0-OUT -p udp -m udp --sport 68 --dport 67 -g PVEFW-SET-ACCEPT-MARK
-A tap108i0-OUT -m mac ! --mac-source A6:E4:F6:2C:58:C0 -j DROP
-A tap108i0-OUT -j MARK --set-xmark 0x0/0x80000000
-A tap108i0-OUT -d 10.0.0.0/16 -j PVEFW-reject
-A tap108i0-OUT -g PVEFW-SET-ACCEPT-MARK
-A tap108i0-OUT -m comment --comment "PVESIG:J8EVLZ1Pa2x5PMnNyiPD1Z/AyDE"
COMMIT
# Completed on Wed Jul 18 11:36:02 2018

==== info about cluster ====

# pvecm nodes
Corosync config '/etc/pve/corosync.conf' does not exist - is this node part of a cluster?
Cannot initialize CMAP service

# pvecm status
Corosync config '/etc/pve/corosync.conf' does not exist - is this node part of a cluster?
Cannot initialize CMAP service

# cat /etc/pve/corosync.conf 2>/dev/null

==== info about bios ====

# dmidecode -t bios
# dmidecode 3.0
Getting SMBIOS data from sysfs.
SMBIOS 2.5 present.

Handle 0x0005, DMI type 0, 24 bytes
BIOS Information
    Vendor: Intel Corp.
    Version: S5500.86B.01.00.0069.032620181413
    Release Date: 03/26/2018
    Address: 0xF0000
    Runtime Size: 64 kB
    ROM Size: 8192 kB
    Characteristics:
        PCI is supported
        PNP is supported
        BIOS is upgradeable
        BIOS shadowing is allowed
        Boot from CD is supported
        Selectable boot is supported
        EDD is supported
        3.5"/2.88 MB floppy services are supported (int 13h)
        Print screen service is supported (int 5h)
        8042 keyboard services are supported (int 9h)
        Serial services are supported (int 14h)
        CGA/mono video services are supported (int 10h)
        ACPI is supported
        USB legacy is supported
        LS-120 boot is supported
        ATAPI Zip drive boot is supported
        Function key-initiated network boot is supported
        Targeted content distribution is supported
    BIOS Revision: 17.18
    Firmware Revision: 0.0

Handle 0x001E, DMI type 13, 22 bytes
BIOS Language Information
    Language Description Format: Long
    Installable Languages: 1
        en|US|iso8859-1
    Currently Installed Language: en|US|iso8859-1


==== info about pci ====

# lspci -nnk
00:00.0 Host bridge [0600]: Intel Corporation 5520 I/O Hub to ESI Port [8086:3406] (rev 22)
    Subsystem: Intel Corporation 5520 I/O Hub to ESI Port [8086:34de]
00:01.0 PCI bridge [0604]: Intel Corporation 5520/5500/X58 I/O Hub PCI Express Root Port 1 [8086:3408] (rev 22)
    Kernel driver in use: pcieport
    Kernel modules: shpchp
00:03.0 PCI bridge [0604]: Intel Corporation 5520/5500/X58 I/O Hub PCI Express Root Port 3 [8086:340a] (rev 22)
    Kernel driver in use: pcieport
    Kernel modules: shpchp
00:05.0 PCI bridge [0604]: Intel Corporation 5520/X58 I/O Hub PCI Express Root Port 5 [8086:340c] (rev 22)
    Kernel driver in use: pcieport
    Kernel modules: shpchp
00:07.0 PCI bridge [0604]: Intel Corporation 5520/5500/X58 I/O Hub PCI Express Root Port 7 [8086:340e] (rev 22)
    Kernel driver in use: pcieport
    Kernel modules: shpchp
00:09.0 PCI bridge [0604]: Intel Corporation 7500/5520/5500/X58 I/O Hub PCI Express Root Port 9 [8086:3410] (rev 22)
    Kernel driver in use: pcieport
    Kernel modules: shpchp
00:0a.0 PCI bridge [0604]: Intel Corporation 7500/5520/5500/X58 I/O Hub PCI Express Root Port 10 [8086:3411] (rev 22)
    Kernel driver in use: pcieport
    Kernel modules: shpchp
00:10.0 PIC [0800]: Intel Corporation 7500/5520/5500/X58 Physical and Link Layer Registers Port 0 [8086:3425] (rev 22)
    Subsystem: Device [0086:00de]
00:10.1 PIC [0800]: Intel Corporation 7500/5520/5500/X58 Routing and Protocol Layer Registers Port 0 [8086:3426] (rev 22)
    Subsystem: Device [0086:00de]
00:11.0 PIC [0800]: Intel Corporation 7500/5520/5500 Physical and Link Layer Registers Port 1 [8086:3427] (rev 22)
    Subsystem: Device [0086:00de]
00:11.1 PIC [0800]: Intel Corporation 7500/5520/5500 Routing & Protocol Layer Register Port 1 [8086:3428] (rev 22)
    Subsystem: Device [0086:00de]
00:13.0 PIC [0800]: Intel Corporation 7500/5520/5500/X58 I/O Hub I/OxAPIC Interrupt Controller [8086:342d] (rev 22)
    Subsystem: Device [0086:00de]
00:14.0 PIC [0800]: Intel Corporation 7500/5520/5500/X58 I/O Hub System Management Registers [8086:342e] (rev 22)
    Subsystem: Device [0086:00de]
    Kernel driver in use: i7core_edac
    Kernel modules: i7core_edac
00:14.1 PIC [0800]: Intel Corporation 7500/5520/5500/X58 I/O Hub GPIO and Scratch Pad Registers [8086:3422] (rev 22)
    Subsystem: Device [0086:00de]
00:14.2 PIC [0800]: Intel Corporation 7500/5520/5500/X58 I/O Hub Control Status and RAS Registers [8086:3423] (rev 22)
    Subsystem: Device [0086:00de]
00:14.3 PIC [0800]: Intel Corporation 7500/5520/5500/X58 I/O Hub Throttle Registers [8086:3438] (rev 22)
    Subsystem: Device [0086:00de]
    Kernel driver in use: i5500_temp
    Kernel modules: i5500_temp
00:15.0 PIC [0800]: Intel Corporation 7500/5520/5500/X58 Trusted Execution Technology Registers [8086:342f] (rev 22)
    Subsystem: Device [0086:00de]
00:16.0 System peripheral [0880]: Intel Corporation 5520/5500/X58 Chipset QuickData Technology Device [8086:3430] (rev 22)
    Subsystem: Intel Corporation 5520/5500/X58 Chipset QuickData Technology Device [8086:34de]
    Kernel driver in use: ioatdma
    Kernel modules: ioatdma
00:16.1 System peripheral [0880]: Intel Corporation 5520/5500/X58 Chipset QuickData Technology Device [8086:3431] (rev 22)
    Subsystem: Intel Corporation 5520/5500/X58 Chipset QuickData Technology Device [8086:34de]
    Kernel driver in use: ioatdma
    Kernel modules: ioatdma
00:16.2 System peripheral [0880]: Intel Corporation 5520/5500/X58 Chipset QuickData Technology Device [8086:3432] (rev 22)
    Subsystem: Intel Corporation 5520/5500/X58 Chipset QuickData Technology Device [8086:34de]
    Kernel driver in use: ioatdma
    Kernel modules: ioatdma
00:16.3 System peripheral [0880]: Intel Corporation 5520/5500/X58 Chipset QuickData Technology Device [8086:3433] (rev 22)
    Subsystem: Intel Corporation 5520/5500/X58 Chipset QuickData Technology Device [8086:34de]
    Kernel driver in use: ioatdma
    Kernel modules: ioatdma
00:16.4 System peripheral [0880]: Intel Corporation 5520/5500/X58 Chipset QuickData Technology Device [8086:3429] (rev 22)
    Subsystem: Intel Corporation 5520/5500/X58 Chipset QuickData Technology Device [8086:34de]
    Kernel driver in use: ioatdma
    Kernel modules: ioatdma
00:16.5 System peripheral [0880]: Intel Corporation 5520/5500/X58 Chipset QuickData Technology Device [8086:342a] (rev 22)
    Subsystem: Intel Corporation 5520/5500/X58 Chipset QuickData Technology Device [8086:34de]
    Kernel driver in use: ioatdma
    Kernel modules: ioatdma
00:16.6 System peripheral [0880]: Intel Corporation 5520/5500/X58 Chipset QuickData Technology Device [8086:342b] (rev 22)
    Subsystem: Intel Corporation 5520/5500/X58 Chipset QuickData Technology Device [8086:34de]
    Kernel driver in use: ioatdma
    Kernel modules: ioatdma
00:16.7 System peripheral [0880]: Intel Corporation 5520/5500/X58 Chipset QuickData Technology Device [8086:342c] (rev 22)
    Subsystem: Intel Corporation 5520/5500/X58 Chipset QuickData Technology Device [8086:34de]
    Kernel driver in use: ioatdma
    Kernel modules: ioatdma
00:1a.0 USB controller [0c03]: Intel Corporation 82801JI (ICH10 Family) USB UHCI Controller #4 [8086:3a37]
    Subsystem: Intel Corporation 82801JI (ICH10 Family) USB UHCI Controller [8086:34de]
    Kernel driver in use: uhci_hcd
00:1a.1 USB controller [0c03]: Intel Corporation 82801JI (ICH10 Family) USB UHCI Controller #5 [8086:3a38]
    Subsystem: Intel Corporation 82801JI (ICH10 Family) USB UHCI Controller [8086:34de]
    Kernel driver in use: uhci_hcd
00:1a.2 USB controller [0c03]: Intel Corporation 82801JI (ICH10 Family) USB UHCI Controller #6 [8086:3a39]
    Subsystem: Intel Corporation 82801JI (ICH10 Family) USB UHCI Controller [8086:34de]
    Kernel driver in use: uhci_hcd
00:1a.7 USB controller [0c03]: Intel Corporation 82801JI (ICH10 Family) USB2 EHCI Controller #2 [8086:3a3c]
    Subsystem: Intel Corporation 82801JI (ICH10 Family) USB2 EHCI Controller [8086:34de]
    Kernel driver in use: ehci-pci
00:1c.0 PCI bridge [0604]: Intel Corporation 82801JI (ICH10 Family) PCI Express Root Port 1 [8086:3a40]
    Kernel driver in use: pcieport
    Kernel modules: shpchp
00:1c.4 PCI bridge [0604]: Intel Corporation 82801JI (ICH10 Family) PCI Express Root Port 5 [8086:3a48]
    Kernel driver in use: pcieport
    Kernel modules: shpchp
00:1c.5 PCI bridge [0604]: Intel Corporation 82801JI (ICH10 Family) PCI Express Root Port 6 [8086:3a4a]
    Kernel driver in use: pcieport
    Kernel modules: shpchp
00:1d.0 USB controller [0c03]: Intel Corporation 82801JI (ICH10 Family) USB UHCI Controller #1 [8086:3a34]
    Subsystem: Intel Corporation 82801JI (ICH10 Family) USB UHCI Controller [8086:34de]
    Kernel driver in use: uhci_hcd
00:1d.1 USB controller [0c03]: Intel Corporation 82801JI (ICH10 Family) USB UHCI Controller #2 [8086:3a35]
    Subsystem: Intel Corporation 82801JI (ICH10 Family) USB UHCI Controller [8086:34de]
    Kernel driver in use: uhci_hcd
00:1d.2 USB controller [0c03]: Intel Corporation 82801JI (ICH10 Family) USB UHCI Controller #3 [8086:3a36]
    Subsystem: Intel Corporation 82801JI (ICH10 Family) USB UHCI Controller [8086:34de]
    Kernel driver in use: uhci_hcd
00:1d.7 USB controller [0c03]: Intel Corporation 82801JI (ICH10 Family) USB2 EHCI Controller #1 [8086:3a3a]
    Subsystem: Intel Corporation 82801JI (ICH10 Family) USB2 EHCI Controller [8086:34de]
    Kernel driver in use: ehci-pci
00:1e.0 PCI bridge [0604]: Intel Corporation 82801 PCI Bridge [8086:244e] (rev 90)
00:1f.0 ISA bridge [0601]: Intel Corporation 82801JIR (ICH10R) LPC Interface Controller [8086:3a16]
    Subsystem: Intel Corporation 82801JIR (ICH10R) LPC Interface Controller [8086:34de]
    Kernel driver in use: lpc_ich
    Kernel modules: lpc_ich
00:1f.2 SATA controller [0106]: Intel Corporation 82801JI (ICH10 Family) SATA AHCI Controller [8086:3a22]
    Subsystem: Intel Corporation 82801JI (ICH10 Family) SATA AHCI Controller [8086:34de]
    Kernel driver in use: ahci
    Kernel modules: ahci
00:1f.3 SMBus [0c05]: Intel Corporation 82801JI (ICH10 Family) SMBus Controller [8086:3a30]
    Subsystem: Intel Corporation 82801JI (ICH10 Family) SMBus Controller [8086:34de]
    Kernel driver in use: i801_smbus
    Kernel modules: i2c_i801
01:00.0 Ethernet controller [0200]: Intel Corporation 82575EB Gigabit Network Connection [8086:10a7] (rev 02)
    Subsystem: Intel Corporation 82575EB Gigabit Network Connection [8086:34de]
    Kernel driver in use: igb
    Kernel modules: igb
01:00.1 Ethernet controller [0200]: Intel Corporation 82575EB Gigabit Network Connection [8086:10a7] (rev 02)
    Subsystem: Intel Corporation 82575EB Gigabit Network Connection [8086:34de]
    Kernel driver in use: igb
    Kernel modules: igb
02:00.0 VGA compatible controller [0300]: NVIDIA Corporation GK208 [GeForce GT 710B] [10de:128b] (rev a1)
    Subsystem: Gigabyte Technology Co., Ltd GK208 [GeForce GT 710B] [1458:375a]
    Kernel driver in use: vfio-pci
    Kernel modules: nvidiafb, nouveau
02:00.1 Audio device [0403]: NVIDIA Corporation GK208 HDMI/DP Audio Controller [10de:0e0f] (rev a1)
    Subsystem: Gigabyte Technology Co., Ltd GK208 HDMI/DP Audio Controller [1458:375a]
    Kernel driver in use: vfio-pci
    Kernel modules: snd_hda_intel
03:00.0 RAID bus controller [0104]: LSI Logic / Symbios Logic MegaRAID SAS 1078 [1000:0060] (rev 04)
    Subsystem: Intel Corporation RAID Controller SRCSAS28EV [8086:100a]
    Kernel driver in use: megaraid_sas
    Kernel modules: megaraid_sas
08:00.0 VGA compatible controller [0300]: Matrox Electronics Systems Ltd. MGA G200e [Pilot] ServerEngines (SEP1) [102b:0522] (rev 02)
    Subsystem: Intel Corporation MGA G200e [Pilot] ServerEngines (SEP1) [8086:0101]
    Kernel driver in use: mgag200
    Kernel modules: mgag200
fe:00.0 Host bridge [0600]: Intel Corporation Xeon 5600 Series QuickPath Architecture Generic Non-core Registers [8086:2c70] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series QuickPath Architecture Generic Non-core Registers [8086:8086]
fe:00.1 Host bridge [0600]: Intel Corporation Xeon 5600 Series QuickPath Architecture System Address Decoder [8086:2d81] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series QuickPath Architecture System Address Decoder [8086:8086]
fe:02.0 Host bridge [0600]: Intel Corporation Xeon 5600 Series QPI Link 0 [8086:2d90] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series QPI Link 0 [8086:8086]
fe:02.1 Host bridge [0600]: Intel Corporation Xeon 5600 Series QPI Physical 0 [8086:2d91] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series QPI Physical 0 [8086:8086]
fe:02.2 Host bridge [0600]: Intel Corporation Xeon 5600 Series Mirror Port Link 0 [8086:2d92] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Mirror Port Link 0 [8086:8086]
fe:02.3 Host bridge [0600]: Intel Corporation Xeon 5600 Series Mirror Port Link 1 [8086:2d93] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Mirror Port Link 1 [8086:8086]
fe:02.4 Host bridge [0600]: Intel Corporation Xeon 5600 Series QPI Link 1 [8086:2d94] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series QPI Link 1 [8086:8086]
fe:02.5 Host bridge [0600]: Intel Corporation Xeon 5600 Series QPI Physical 1 [8086:2d95] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series QPI Physical 1 [8086:8086]
fe:03.0 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Registers [8086:2d98] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Registers [8086:8086]
fe:03.1 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Target Address Decoder [8086:2d99] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Target Address Decoder [8086:8086]
fe:03.2 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller RAS Registers [8086:2d9a] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller RAS Registers [8086:8086]
fe:03.4 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Test Registers [8086:2d9c] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Test Registers [8086:8086]
fe:04.0 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 0 Control [8086:2da0] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 0 Control [8086:8086]
fe:04.1 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 0 Address [8086:2da1] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 0 Address [8086:8086]
fe:04.2 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 0 Rank [8086:2da2] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 0 Rank [8086:8086]
fe:04.3 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 0 Thermal Control [8086:2da3] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 0 Thermal Control [8086:8086]
fe:05.0 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 1 Control [8086:2da8] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 1 Control [8086:8086]
fe:05.1 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 1 Address [8086:2da9] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 1 Address [8086:8086]
fe:05.2 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 1 Rank [8086:2daa] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 1 Rank [8086:8086]
fe:05.3 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 1 Thermal Control [8086:2dab] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 1 Thermal Control [8086:8086]
fe:06.0 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 2 Control [8086:2db0] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 2 Control [8086:8086]
fe:06.1 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 2 Address [8086:2db1] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 2 Address [8086:8086]
fe:06.2 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 2 Rank [8086:2db2] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 2 Rank [8086:8086]
fe:06.3 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 2 Thermal Control [8086:2db3] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 2 Thermal Control [8086:8086]
ff:00.0 Host bridge [0600]: Intel Corporation Xeon 5600 Series QuickPath Architecture Generic Non-core Registers [8086:2c70] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series QuickPath Architecture Generic Non-core Registers [8086:8086]
ff:00.1 Host bridge [0600]: Intel Corporation Xeon 5600 Series QuickPath Architecture System Address Decoder [8086:2d81] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series QuickPath Architecture System Address Decoder [8086:8086]
ff:02.0 Host bridge [0600]: Intel Corporation Xeon 5600 Series QPI Link 0 [8086:2d90] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series QPI Link 0 [8086:8086]
ff:02.1 Host bridge [0600]: Intel Corporation Xeon 5600 Series QPI Physical 0 [8086:2d91] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series QPI Physical 0 [8086:8086]
ff:02.2 Host bridge [0600]: Intel Corporation Xeon 5600 Series Mirror Port Link 0 [8086:2d92] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Mirror Port Link 0 [8086:8086]
ff:02.3 Host bridge [0600]: Intel Corporation Xeon 5600 Series Mirror Port Link 1 [8086:2d93] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Mirror Port Link 1 [8086:8086]
ff:02.4 Host bridge [0600]: Intel Corporation Xeon 5600 Series QPI Link 1 [8086:2d94] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series QPI Link 1 [8086:8086]
ff:02.5 Host bridge [0600]: Intel Corporation Xeon 5600 Series QPI Physical 1 [8086:2d95] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series QPI Physical 1 [8086:8086]
ff:03.0 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Registers [8086:2d98] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Registers [8086:8086]
ff:03.1 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Target Address Decoder [8086:2d99] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Target Address Decoder [8086:8086]
ff:03.2 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller RAS Registers [8086:2d9a] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller RAS Registers [8086:8086]
ff:03.4 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Test Registers [8086:2d9c] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Test Registers [8086:8086]
ff:04.0 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 0 Control [8086:2da0] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 0 Control [8086:8086]
ff:04.1 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 0 Address [8086:2da1] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 0 Address [8086:8086]
ff:04.2 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 0 Rank [8086:2da2] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 0 Rank [8086:8086]
ff:04.3 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 0 Thermal Control [8086:2da3] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 0 Thermal Control [8086:8086]
ff:05.0 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 1 Control [8086:2da8] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 1 Control [8086:8086]
ff:05.1 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 1 Address [8086:2da9] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 1 Address [8086:8086]
ff:05.2 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 1 Rank [8086:2daa] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 1 Rank [8086:8086]
ff:05.3 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 1 Thermal Control [8086:2dab] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 1 Thermal Control [8086:8086]
ff:06.0 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 2 Control [8086:2db0] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 2 Control [8086:8086]
ff:06.1 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 2 Address [8086:2db1] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 2 Address [8086:8086]
ff:06.2 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 2 Rank [8086:2db2] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 2 Rank [8086:8086]
ff:06.3 Host bridge [0600]: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 2 Thermal Control [8086:2db3] (rev 02)
    Subsystem: Intel Corporation Xeon 5600 Series Integrated Memory Controller Channel 2 Thermal Control [8086:8086]
 

Zac Orehawa

New Member
Apr 27, 2018
20
0
1
20
Code:
==== info about disks ====

# lsblk --ascii
NAME                         MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sda                            8:0    0 930.4G  0 disk
|-sda1                         8:1    0     1M  0 part
|-sda2                         8:2    0   256M  0 part
`-sda3                         8:3    0 930.1G  0 part
  |-pve-swap                 253:0    0     8G  0 lvm  [SWAP]
  |-pve-root                 253:1    0  67.8G  0 lvm  /
  |-pve-data_tmeta           253:2    0    92M  0 lvm
  | `-pve-data-tpool         253:4    0 854.2G  0 lvm
  |   |-pve-data             253:5    0 854.2G  0 lvm
  |   |-pve-vm--100--disk--1 253:6    0     8G  0 lvm
  |   |-pve-vm--102--disk--1 253:7    0    20G  0 lvm
  |   |-pve-vm--103--disk--1 253:8    0   100G  0 lvm
  |   |-pve-vm--105--disk--1 253:9    0     8G  0 lvm
  |   |-pve-vm--106--disk--1 253:10   0     8G  0 lvm
  |   |-pve-vm--107--disk--1 253:11   0     5G  0 lvm
  |   |-pve-vm--108--disk--1 253:12   0    64G  0 lvm
  |   |-pve-vm--104--disk--1 253:13   0    10G  0 lvm
  |   |-pve-vm--109--disk--1 253:14   0   100G  0 lvm
  |   |-pve-vm--110--disk--1 253:15   0     8G  0 lvm
  |   |-pve-vm--101--disk--1 253:16   0     8G  0 lvm
  |   `-pve-vm--111--disk--1 253:17   0     8G  0 lvm
  `-pve-data_tdata           253:3    0 854.2G  0 lvm
    `-pve-data-tpool         253:4    0 854.2G  0 lvm
      |-pve-data             253:5    0 854.2G  0 lvm
      |-pve-vm--100--disk--1 253:6    0     8G  0 lvm
      |-pve-vm--102--disk--1 253:7    0    20G  0 lvm
      |-pve-vm--103--disk--1 253:8    0   100G  0 lvm
      |-pve-vm--105--disk--1 253:9    0     8G  0 lvm
      |-pve-vm--106--disk--1 253:10   0     8G  0 lvm
      |-pve-vm--107--disk--1 253:11   0     5G  0 lvm
      |-pve-vm--108--disk--1 253:12   0    64G  0 lvm
      |-pve-vm--104--disk--1 253:13   0    10G  0 lvm
      |-pve-vm--109--disk--1 253:14   0   100G  0 lvm
      |-pve-vm--110--disk--1 253:15   0     8G  0 lvm
      |-pve-vm--101--disk--1 253:16   0     8G  0 lvm
      `-pve-vm--111--disk--1 253:17   0     8G  0 lvm
sdb                            8:16   0 464.7G  0 disk
`-sdb1                         8:17   0 464.7G  0 part
sdc                            8:32   0   2.7T  0 disk
|-sdc1                         8:33   0   128M  0 part
`-sdc2                         8:34   0   2.7T  0 part
sdd                            8:48   0 931.5G  0 disk
`-sdd1                         8:49   0 931.5G  0 part /mnt/backup
sr0                           11:0    1  1024M  0 rom

==== info about volumes ====

# lvs
  LV            VG  Attr       LSize   Pool Origin Data%  Meta%  Move Log Cpy%Sync Convert
  data          pve twi-aotz-- 854.21g             19.97  43.94                           
  root          pve -wi-ao----  67.75g                                                   
  swap          pve -wi-ao----   8.00g                                                   
  vm-100-disk-1 pve Vwi-aotz--   8.00g data        23.77                                 
  vm-101-disk-1 pve Vwi-aotz--   8.00g data        92.84                                 
  vm-102-disk-1 pve Vwi-aotz--  20.00g data        30.05                                 
  vm-103-disk-1 pve Vwi-aotz-- 100.00g data        71.97                                 
  vm-104-disk-1 pve Vwi-aotz--  10.00g data        10.42                                 
  vm-105-disk-1 pve Vwi-aotz--   8.00g data        14.42                                 
  vm-106-disk-1 pve Vwi-a-tz--   8.00g data        24.63                                 
  vm-107-disk-1 pve Vwi-aotz--   5.00g data        22.63                                 
  vm-108-disk-1 pve Vwi-a-tz--  64.00g data        30.31                                 
  vm-109-disk-1 pve Vwi-aotz-- 100.00g data        56.29                                 
  vm-110-disk-1 pve Vwi-aotz--   8.00g data        13.47                                 
  vm-111-disk-1 pve Vwi-a-tz--   8.00g data        14.68                                 

# vgs
  VG  #PV #LV #SN Attr   VSize   VFree
  pve   1  15   0 wz--n- 930.14g    0

# zpool status
no pools available

# zfs list
no datasets available
 

Zac Orehawa

New Member
Apr 27, 2018
20
0
1
20
Code:
Jul 17 20:12:44 Mercury smartd[1204]: Device: /dev/sdd [SAT], SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 69 to 70
Jul 17 20:12:44 Mercury smartd[1204]: Device: /dev/sdd [SAT], SMART Usage Attribute: 194 Temperature_Celsius changed from 31 to 30
Jul 17 20:17:01 Mercury CRON[24629]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)
Jul 17 20:42:44 Mercury rrdcached[1867]: flushing old values
Jul 17 20:42:44 Mercury rrdcached[1867]: rotating journals
Jul 17 20:42:44 Mercury rrdcached[1867]: started new journal /var/lib/rrdcached/journal/rrd.journal.1531856564.711964
Jul 17 20:42:44 Mercury rrdcached[1867]: removing old journal /var/lib/rrdcached/journal/rrd.journal.1531849364.712014
Jul 17 20:42:44 Mercury smartd[1204]: Device: /dev/sdc [SAT], SMART Prefailure Attribute: 1 Raw_Read_Error_Rate changed from 115 to 116
Jul 17 20:42:45 Mercury smartd[1204]: Device: /dev/sdd [SAT], SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 70 to 69
Jul 17 20:42:45 Mercury smartd[1204]: Device: /dev/sdd [SAT], SMART Usage Attribute: 194 Temperature_Celsius changed from 30 to 31
Jul 17 21:12:44 Mercury smartd[1204]: Device: /dev/bus/0 [megaraid_disk_18] [SAT], SMART Prefailure Attribute: 1 Raw_Read_Error_Rate changed from 118 to 119
Jul 17 21:12:44 Mercury smartd[1204]: Device: /dev/bus/0 [megaraid_disk_18] [SAT], SMART Usage Attribute: 195 Hardware_ECC_Recovered changed from 55 to 56
Jul 17 21:17:01 Mercury CRON[13800]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)
Jul 17 21:42:44 Mercury smartd[1204]: Device: /dev/sdd [SAT], SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 69 to 70
Jul 17 21:42:44 Mercury smartd[1204]: Device: /dev/sdd [SAT], SMART Usage Attribute: 194 Temperature_Celsius changed from 31 to 30
Jul 17 21:42:44 Mercury rrdcached[1867]: flushing old values
Jul 17 21:42:44 Mercury rrdcached[1867]: rotating journals
Jul 17 21:42:44 Mercury rrdcached[1867]: started new journal /var/lib/rrdcached/journal/rrd.journal.1531860164.711978
Jul 17 21:42:44 Mercury rrdcached[1867]: removing old journal /var/lib/rrdcached/journal/rrd.journal.1531852964.711978
Jul 17 21:42:44 Mercury smartd[1204]: Device: /dev/bus/0 [megaraid_disk_17] [SAT], SMART Usage Attribute: 194 Temperature_Celsius changed from 79 to 80
Jul 17 21:52:20 Mercury kernel: [285005.767995] hid-generic 0003:046D:C52E.002B: input,hidraw0: USB HID v1.11 Keyboard [Logitech USB Receiver] on usb-0000:00:1d.7-2.2.4/input0
Jul 17 21:52:20 Mercury kernel: [285005.770766] input: Logitech USB Receiver as /devices/pci0000:00/0000:00:1d.7/usb2/2-2/2-2.2/2-2.2.4/2-2.2.4:1.1/0003:046D:C52E.002C/input/input48
Jul 17 21:52:22 Mercury kernel: [285007.435446] usb 2-2.2.4: reset full-speed USB device number 20 using ehci-pci
Jul 17 21:52:22 Mercury kernel: [285007.679403] usb 2-2.2.4: reset full-speed USB device number 20 using ehci-pci
Jul 17 22:12:44 Mercury smartd[1204]: Device: /dev/sdc [SAT], SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 67 to 68
Jul 17 22:12:44 Mercury smartd[1204]: Device: /dev/sdc [SAT], SMART Usage Attribute: 194 Temperature_Celsius changed from 33 to 32
Jul 17 22:17:01 Mercury CRON[3001]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)
Jul 17 22:42:44 Mercury rrdcached[1867]: flushing old values
Jul 17 22:42:44 Mercury rrdcached[1867]: rotating journals
Jul 17 22:42:44 Mercury rrdcached[1867]: started new journal /var/lib/rrdcached/journal/rrd.journal.1531863764.711974
Jul 17 22:42:44 Mercury rrdcached[1867]: removing old journal /var/lib/rrdcached/journal/rrd.journal.1531856564.711964
Jul 17 23:17:01 Mercury CRON[24553]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)
Jul 17 23:42:44 Mercury rrdcached[1867]: flushing old values
Jul 17 23:42:44 Mercury rrdcached[1867]: rotating journals
Jul 17 23:42:44 Mercury rrdcached[1867]: started new journal /var/lib/rrdcached/journal/rrd.journal.1531867364.712006
Jul 17 23:42:44 Mercury rrdcached[1867]: removing old journal /var/lib/rrdcached/journal/rrd.journal.1531860164.711978
Jul 18 10:41:36 Mercury systemd-modules-load[430]: Inserted module 'vfio'
Jul 18 10:41:36 Mercury systemd-modules-load[430]: Inserted module 'vfio_pci'
Jul 18 10:41:36 Mercury kernel: [    0.000000] Linux version 4.15.18-1-pve (build@pve) (gcc version 6.3.0 20170516 (Debian 6.3.0-18+deb9u1)) #1 SMP PVE 4.15.18-15 (Wed, 04 Jul 2018 15:42:56 +0200) ()
Jul 18 10:41:36 Mercury kernel: [    0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-4.15.18-1-pve root=/dev/mapper/pve-root ro quiet intel_iommu=on video=efifb:off
Jul 18 10:41:36 Mercury kernel: [    0.000000] KERNEL supported cpus:
Jul 18 10:41:36 Mercury systemd[1]: Mounted Huge Pages File System.
Jul 18 10:41:36 Mercury kernel: [    0.000000]   Intel GenuineIntel
Jul 18 10:41:36 Mercury kernel: [    0.000000]   AMD AuthenticAMD
Jul 18 10:41:36 Mercury kernel: [    0.000000]   Centaur CentaurHauls
Jul 18 10:41:36 Mercury kernel: [    0.000000] x86/fpu: x87 FPU will use FXSAVE
Jul 18 10:41:36 Mercury kernel: [    0.000000] e820: BIOS-provided physical RAM map:
Jul 18 10:41:36 Mercury systemd[1]: Mounted Debug File System.
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x0000000000000000-0x00000000000997ff] usable
Jul 18 10:41:36 Mercury systemd[1]: Mounted POSIX Message Queue File System.
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x0000000000099800-0x000000000009ffff] reserved
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x00000000000e0000-0x00000000000fffff] reserved
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000008c257fff] usable
Jul 18 10:41:36 Mercury systemd[1]: Started Remount Root and Kernel File Systems.
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x000000008c258000-0x000000008c33afff] ACPI NVS
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x000000008c33b000-0x000000008c445fff] ACPI data
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x000000008c446000-0x000000008d845fff] ACPI NVS
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x000000008d846000-0x000000008f601fff] ACPI data
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x000000008f602000-0x000000008f64efff] reserved
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x000000008f64f000-0x000000008f6e2fff] ACPI data
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x000000008f6e3000-0x000000008f6ecfff] ACPI NVS
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x000000008f6ed000-0x000000008f6effff] ACPI data
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x000000008f6f0000-0x000000008f7cefff] ACPI NVS
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x000000008f7cf000-0x000000008f7fffff] ACPI data
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x000000008f800000-0x000000008fffffff] reserved
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x00000000a0000000-0x00000000afffffff] reserved
Jul 18 10:41:36 Mercury systemd[1]: Starting Load/Save Random Seed...
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x00000000fc000000-0x00000000fcffffff] reserved
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x00000000fed1c000-0x00000000fed44fff] reserved
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x00000000ff800000-0x00000000ffffffff] reserved
Jul 18 10:41:36 Mercury kernel: [    0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000096fffffff] usable
Jul 18 10:41:36 Mercury systemd[1]: Starting Flush Journal to Persistent Storage...
Jul 18 10:41:36 Mercury kernel: [    0.000000] NX (Execute Disable) protection: active
Jul 18 10:41:36 Mercury kernel: [    0.000000] SMBIOS 2.5 present.
Jul 18 10:41:36 Mercury kernel: [    0.000000] DMI: Intel Corporation S5520UR/S5520UR, BIOS S5500.86B.01.00.0069.032620181413 03/26/2018
Jul 18 10:41:36 Mercury systemd[1]: Starting udev Coldplug all Devices...
Jul 18 10:41:36 Mercury kernel: [    0.000000] e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
Jul 18 10:41:36 Mercury kernel: [    0.000000] e820: remove [mem 0x000a0000-0x000fffff] usable
Jul 18 10:41:36 Mercury kernel: [    0.000000] e820: last_pfn = 0x970000 max_arch_pfn = 0x400000000
Jul 18 10:41:36 Mercury kernel: [    0.000000] MTRR default type: uncachable
Jul 18 10:41:36 Mercury kernel: [    0.000000] MTRR fixed ranges enabled:
Jul 18 10:41:36 Mercury kernel: [    0.000000]   00000-9FFFF write-back
Jul 18 10:41:36 Mercury kernel: [    0.000000]   A0000-BFFFF uncachable
Jul 18 10:41:36 Mercury systemd-modules-load[430]: Inserted module 'iscsi_tcp'
Jul 18 10:41:36 Mercury kernel: [    0.000000]   C0000-DFFFF write-through
Jul 18 10:41:36 Mercury kernel: [    0.000000]   E0000-FFFFF write-protect
Jul 18 10:41:36 Mercury kernel: [    0.000000] MTRR variable ranges enabled:
Jul 18 10:41:36 Mercury kernel: [    0.000000]   0 base 0000000000 mask FF80000000 write-back
Jul 18 10:41:36 Mercury kernel: [    0.000000]   1 base 0080000000 mask FFF0000000 write-back
Jul 18 10:41:36 Mercury systemd[1]: Started Flush Journal to Persistent Storage.
Jul 18 10:41:36 Mercury kernel: [    0.000000]   2 base 0100000000 mask FF00000000 write-back
Jul 18 10:41:36 Mercury kernel: [    0.000000]   3 base 0200000000 mask FE00000000 write-back
Jul 18 10:41:36 Mercury kernel: [    0.000000]   4 base 0400000000 mask FC00000000 write-back
Jul 18 10:41:36 Mercury systemd[1]: Started Load/Save Random Seed.
Jul 18 10:41:36 Mercury kernel: [    0.000000]   5 base 0800000000 mask FF00000000 write-back
Jul 18 10:41:36 Mercury kernel: [    0.000000]   6 base 0900000000 mask FFC0000000 write-back
Jul 18 10:41:36 Mercury kernel: [    0.000000]   7 base 0940000000 mask FFE0000000 write-back
Jul 18 10:41:36 Mercury kernel: [    0.000000]   8 base 0960000000 mask FFF0000000 write-back
Jul 18 10:41:36 Mercury kernel: [    0.000000]   9 disabled
Jul 18 10:41:36 Mercury systemd[1]: Mounted RPC Pipe File System.
Jul 18 10:41:36 Mercury kernel: [    0.000000] x86/PAT: Configuration [0-7]: WB  WC  UC- UC  WB  WP  UC- WT 
Jul 18 10:41:36 Mercury kernel: [    0.000000] e820: update [mem 0x90000000-0xffffffff] usable ==> reserved
Jul 18 10:41:36 Mercury kernel: [    0.000000] e820: last_pfn = 0x8c258 max_arch_pfn = 0x400000000
Jul 18 10:41:36 Mercury kernel: [    0.000000] found SMP MP-table at [mem 0x000fdab0-0x000fdabf] mapped at [        (ptrval)]
Jul 18 10:41:36 Mercury kernel: [    0.000000] Scanning 1 areas for low memory corruption
Jul 18 10:41:36 Mercury kernel: [    0.000000] Base memory trampoline at [        (ptrval)] 93000 size 24576
Jul 18 10:41:36 Mercury kernel: [    0.000000] Using GB pages for direct mapping
Jul 18 10:41:36 Mercury systemd[1]: Started Set the console keyboard layout.
Jul 18 10:41:36 Mercury kernel: [    0.000000] BRK [0x66142000, 0x66142fff] PGTABLE
Jul 18 10:41:36 Mercury kernel: [    0.000000] BRK [0x66143000, 0x66143fff] PGTABLE
Jul 18 10:41:36 Mercury kernel: [    0.000000] BRK [0x66144000, 0x66144fff] PGTABLE
Jul 18 10:41:36 Mercury kernel: [    0.000000] BRK [0x66145000, 0x66145fff] PGTABLE
Jul 18 10:41:36 Mercury kernel: [    0.000000] BRK [0x66146000, 0x66146fff] PGTABLE
Jul 18 10:41:36 Mercury kernel: [    0.000000] RAMDISK: [mem 0x339f9000-0x35cf3fff]
Jul 18 10:41:36 Mercury systemd[1]: Started Create Static Device Nodes in /dev.
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: Early table checksum verification disabled
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: RSDP 0x00000000000F0410 000024 (v02 INTEL )
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: XSDT 0x000000008F7FD120 00009C (v01 INTEL  S5520UR  00000000      01000013)
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: FACP 0x000000008F7FB000 0000F4 (v04 INTEL  S5520UR  00000000 MSFT 0100000D)
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: DSDT 0x000000008F7F4000 0065A1 (v02 INTEL  S5520UR  00000003 MSFT 0100000D)
Jul 18 10:41:36 Mercury systemd[1]: Starting udev Kernel Device Manager...
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: FACS 0x000000008F6F0000 000040
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: FACS 0x000000008F6F0000 000040
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: APIC 0x000000008F7F3000 0001A8 (v02 INTEL  S5520UR  00000000 MSFT 0100000D)
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: MCFG 0x000000008F7F2000 00003C (v01 INTEL  S5520UR  00000001 MSFT 0100000D)
Jul 18 10:41:36 Mercury systemd-modules-load[430]: Inserted module 'ib_iser'
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: HPET 0x000000008F7F1000 000038 (v01 INTEL  S5520UR  00000001 MSFT 0100000D)
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: SLIT 0x000000008F7F0000 000030 (v01 INTEL  S5520UR  00000001 MSFT 0100000D)
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: SRAT 0x000000008F7EF000 000430 (v02 INTEL  S5520UR  00000001 MSFT 0100000D)
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: SPCR 0x000000008F7EE000 000050 (v01 INTEL  S5520UR  00000000 MSFT 0100000D)
Jul 18 10:41:36 Mercury systemd[1]: Started udev Coldplug all Devices.
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: WDDT 0x000000008F7ED000 000040 (v01 INTEL  S5520UR  00000000 MSFT 0100000D)
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: SSDT 0x000000008F7D2000 01AFC4 (v02 INTEL  SSDT  PM 00004000 INTL 20061109)
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: SSDT 0x000000008F7D1000 0001D8 (v02 INTEL  IPMI     00004000 INTL 20061109)
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: HEST 0x000000008F7D0000 0000A8 (v01 INTEL  S5520UR  00000001 INTL 00000001)
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: BERT 0x000000008F7CF000 000030 (v01 INTEL  S5520UR  00000001 INTL 00000001)
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: ERST 0x000000008F6EF000 000230 (v01 INTEL  S5520UR  00000001 INTL 00000001)
Jul 18 10:41:36 Mercury systemd[1]: Starting udev Wait for Complete Device Initialization...
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: EINJ 0x000000008F6EE000 000130 (v01 INTEL  S5520UR  00000001 INTL 00000001)
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: DMAR 0x000000008F6ED000 0001E0 (v01 INTEL  S5520UR  00000001 MSFT 0100000D)
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: Local APIC address 0xfee00000
Jul 18 10:41:36 Mercury kernel: [    0.000000] SRAT: PXM 0 -> APIC 0x00 -> Node 0
Jul 18 10:41:36 Mercury kernel: [    0.000000] SRAT: PXM 1 -> APIC 0x20 -> Node 1
Jul 18 10:41:36 Mercury kernel: [    0.000000] SRAT: PXM 0 -> APIC 0x02 -> Node 0
Jul 18 10:41:36 Mercury kernel: [    0.000000] SRAT: PXM 1 -> APIC 0x22 -> Node 1
Jul 18 10:41:36 Mercury systemd-modules-load[430]: Inserted module 'vhost_net'
Jul 18 10:41:36 Mercury kernel: [    0.000000] SRAT: PXM 0 -> APIC 0x12 -> Node 0
Jul 18 10:41:36 Mercury kernel: [    0.000000] SRAT: PXM 1 -> APIC 0x32 -> Node 1
Jul 18 10:41:36 Mercury kernel: [    0.000000] SRAT: PXM 0 -> APIC 0x14 -> Node 0
Jul 18 10:41:36 Mercury kernel: [    0.000000] SRAT: PXM 1 -> APIC 0x34 -> Node 1
Jul 18 10:41:36 Mercury systemd[1]: Started udev Kernel Device Manager.
Jul 18 10:41:36 Mercury kernel: [    0.000000] SRAT: PXM 0 -> APIC 0x01 -> Node 0
Jul 18 10:41:36 Mercury kernel: [    0.000000] SRAT: PXM 1 -> APIC 0x21 -> Node 1
Jul 18 10:41:36 Mercury kernel: [    0.000000] SRAT: PXM 0 -> APIC 0x03 -> Node 0
Jul 18 10:41:36 Mercury systemd[1]: Reached target Sound Card.
Jul 18 10:41:36 Mercury kernel: [    0.000000] SRAT: PXM 1 -> APIC 0x23 -> Node 1
Jul 18 10:41:36 Mercury kernel: [    0.000000] SRAT: PXM 0 -> APIC 0x13 -> Node 0
Jul 18 10:41:36 Mercury kernel: [    0.000000] SRAT: PXM 1 -> APIC 0x33 -> Node 1
Jul 18 10:41:36 Mercury kernel: [    0.000000] SRAT: PXM 0 -> APIC 0x15 -> Node 0
Jul 18 10:41:36 Mercury kernel: [    0.000000] SRAT: PXM 1 -> APIC 0x35 -> Node 1
Jul 18 10:41:36 Mercury kernel: [    0.000000] ACPI: SRAT: Node 0 PXM 0 [mem 0x00000000-0x8fffffff]
Jul 18 10:41:36 Mercury systemd[1]: Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
 

Zac Orehawa

New Member
Apr 27, 2018
20
0
1
20
Does it also happen with other OSes? What does memtest say?
Only ever used this server for Proxmox, it used to be okay before GPU passthrough if I remember corectly. Mem test was happy. Using ECC RAM so shouldn't that help as well? Thanks for getting back.
 

Zac Orehawa

New Member
Apr 27, 2018
20
0
1
20
Hi Zac!

Nice host/appl! I would try first of all to check all hdd's with all yours VM/CT stopped, using:

smartctl -t long /dev/sdX
Thanks, I managed to get it free from College to learn sysadmin on, it's really helped just stuck with this issue!

Because I am using a HW Raid card, smart polling won't work on some of the drives. The main boot drive is in a mirrored RAID 1 set. The RAID card is says that it is stable.

Smart Tests are running on the backup disk and media storage disk now, I can't test the other 2 virtual drives due to RAID....

Cheers :)
 

Zac Orehawa

New Member
Apr 27, 2018
20
0
1
20
It just crashed again.

I could ping the hypervisor. Couldn't ping the clients. Also couldn't connect via SSH. Console did nothing either.

Below are the errors that were shown on screen. I had to reset the server manually. It then booted and everything was working. Nothing special was running that I think would've caused it.

Cheers.



 

Zac Orehawa

New Member
Apr 27, 2018
20
0
1
20
you're issuing more work then the kernel can handle. you need to increase your number of handles (fs.inotify.max_user_instances)

Of course it could also be a hardware problem.
I'm only running 2 VMs and 7 Containers when it crashes. I'm using 50% RAM and 10%ish CPU contastant.

What else could be causing so much work for the kernal? Am I trying to get it to do too much? I thought my hardware would run it!

How can I rule out any HW issues? Thanks again
 

guletz

Renowned Member
Apr 19, 2017
1,303
195
68
Brasov, Romania
Thanks, I managed to get it free from College to learn sysadmin on, it's really helped just stuck with this issue!

Because I am using a HW Raid card, smart polling won't work on some of the drives. The main boot drive is in a mirrored RAID 1 set. The RAID card is says that it is stable.

Smart Tests are running on the backup disk and media storage disk now, I can't test the other 2 virtual drives due to RAID....

Cheers :)

You coud put this drives into a desktop and run smartctl on them.
 

guletz

Renowned Member
Apr 19, 2017
1,303
195
68
Brasov, Romania
How can I rule out any HW issues? Thanks again
You can try to try to replace your sata cables with another new, and if you have a spare server, even a desktop and use your curent disks from the server (you will need to reinstall because you use a hw raid).

So using another system if you do not have any kernel crash, then you will start to find what hw problem do you have.

Good luck
 

alexskysilk

Well-Known Member
Oct 16, 2015
652
71
48
Chatsworth, CA
www.skysilk.com
I'm only running 2 VMs and 7 Containers when it crashes. I'm using 50% RAM and 10%ish CPU contastant.
Thats not the only "load" your kernel has to contend with. its also keeping a handle on all file handles and (if you have conntrack enabled) every packet in flight. HOWEVER, its not likely to be causing you issues with such a low system load. Its also not likely to be disk related (you'd see those in dmesg- I assume you already checked?)

simplest way to test- put your disks in another system and see if the problems persist.
 
  • Like
Reactions: guletz

Humbug

Member
Nov 14, 2012
30
1
8
Were you able to fix the problem? Did changing
/proc/sys/fs/inotify/max_user_watches help?
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!