Hi All,
I need help with migrating my 3 node Proxmox cluster to a new VLAN. Here are the steps I have taken:
I first moved each of my VMs to specified VLANs by making each host VLAN aware, tagging the VM VLAN ids, and my managed switch setup for tagged and untagged ports as needed to connect to my OPNsense router. This is still working fine and each VM is in the correct VLAN and communicating fine.
I next tried to move the three hosts to the new VLAN following these steps;
"*change the ip addresses in /etc/network/interfaces and /etc/hosts on each node
* After that recreate the ssh-hostkeys with pvecm updatecerts.
* Change corosync.conf to the new ip-adresses (done using a copied file then replacing)""
I rebooted the router and hosts after this. Now I cannot access the Proxmox web GUI from VMs on the same new VLAN. Using the Proxmox host physical console, I am able to ssh and ping the hosts on their new static IPs in the new VLAN. The web GUI is running as confirmed by using curl to localhost on the host. But I am unable to ping any other static DHCP lease hosts on the VLAN or even the router on 192.168.2.1. I cannot reach external sites eg. 8.8.8.8. I noticed that /etc/resolv.conf was still using the old vlan dns server ie. 192.168.1.1 so I manually edited that.
I was wondering if it was related to Proxmox firewall settings. I had indeed been editing these for the old vlan and are probably still set for that. Perhaps some issue with the anti lockout rules on the new VLAN? But I ran:
pve-firewall stop
and edited
/etc/pve/firewall/cluster.fw
to disable it. So I figured this should remove it from the equation? Perhaps I am missing somewhere eg. does this disable firewall at all 3 levels (datacenter, host, and VM)?
Here is the contents of: /etc/network/interfaces for one of the hosts:
"
auto lo
iface lo inet loopback
iface enp2s0 inet manual
auto vmbr0
iface vmbr0 inet static
address 192.168.2.200/24
gateway 192.168.2.1
bridge-ports enp2s0
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
source /etc/network/interfaces.d/*
"
So something with my network seems misconfigured. Have I missed some necessary step in this migration process? Eg. is there some legacy setting from my old VLAN that is causing trouble?
Very eager for assistance/suggestions with this problem. Thanks for your help!
I need help with migrating my 3 node Proxmox cluster to a new VLAN. Here are the steps I have taken:
I first moved each of my VMs to specified VLANs by making each host VLAN aware, tagging the VM VLAN ids, and my managed switch setup for tagged and untagged ports as needed to connect to my OPNsense router. This is still working fine and each VM is in the correct VLAN and communicating fine.
I next tried to move the three hosts to the new VLAN following these steps;
"*change the ip addresses in /etc/network/interfaces and /etc/hosts on each node
* After that recreate the ssh-hostkeys with pvecm updatecerts.
* Change corosync.conf to the new ip-adresses (done using a copied file then replacing)""
I rebooted the router and hosts after this. Now I cannot access the Proxmox web GUI from VMs on the same new VLAN. Using the Proxmox host physical console, I am able to ssh and ping the hosts on their new static IPs in the new VLAN. The web GUI is running as confirmed by using curl to localhost on the host. But I am unable to ping any other static DHCP lease hosts on the VLAN or even the router on 192.168.2.1. I cannot reach external sites eg. 8.8.8.8. I noticed that /etc/resolv.conf was still using the old vlan dns server ie. 192.168.1.1 so I manually edited that.
I was wondering if it was related to Proxmox firewall settings. I had indeed been editing these for the old vlan and are probably still set for that. Perhaps some issue with the anti lockout rules on the new VLAN? But I ran:
pve-firewall stop
and edited
/etc/pve/firewall/cluster.fw
to disable it. So I figured this should remove it from the equation? Perhaps I am missing somewhere eg. does this disable firewall at all 3 levels (datacenter, host, and VM)?
Here is the contents of: /etc/network/interfaces for one of the hosts:
"
auto lo
iface lo inet loopback
iface enp2s0 inet manual
auto vmbr0
iface vmbr0 inet static
address 192.168.2.200/24
gateway 192.168.2.1
bridge-ports enp2s0
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
source /etc/network/interfaces.d/*
"
So something with my network seems misconfigured. Have I missed some necessary step in this migration process? Eg. is there some legacy setting from my old VLAN that is causing trouble?
Very eager for assistance/suggestions with this problem. Thanks for your help!