PVE host can't connect to lxc's + pve host has multiple IPs?

[dekiesel]

I am guessing these issues have the same root cause, but I can't make heads or tails of it...

My proxmox host is connected via ethernet to an OpenWrt router with a number of vlans.

The proxmox host is configured to use ip 192.168.178.12 (/24, vlan 1). The LXC's are onvlan 101, 10.1.101.0/24.

When I try to ping a LXC from the host I get "Destination Host Unreachable".

root@pve:~# ping 10.1.101.113
PING 10.1.101.113 (10.1.101.113) 56(84) bytes of data.
From 10.1.101.125 icmp_seq=1 Destination Host Unreachable
From 10.1.101.125 icmp_seq=2 Destination Host Unreachable

For some reason the request is rewritten to 10.1.101.125 (from 10.1.101.113).

I can see a number of "nameless" hosts in OpenWrt:



When I connect to any of those IPs I am greeted by the pve host again:

root@pve:~# ssh 10.1.101.173
Linux pve 6.2.16-14-pve #1 SMP PREEMPT_DYNAMIC PMX 6.2.16-14 (2023-09-19T08:17Z) x86_64


The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.


Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sun Oct  8 23:32:03 2023 from 10.1.101.173
root@pve:~#

/etc/network/interfaces

auto lo
iface lo inet loopback


iface eno1 inet manual


auto vmbr0
iface vmbr0 inet static
    address 192.168.178.12/24
    gateway 192.168.178.1
    bridge-ports eno1
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    bridge-vids 2-4094

/etc/hosts

127.0.0.1 localhost.localdomain localhost
192.168.178.12 pve.myddnshost.duckdns.org pve


# The following lines are desirable for IPv6 capable hosts


::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

ip route

default via 192.168.178.1 dev vmbr0 proto kernel onlink
default via 10.1.101.1 dev fwln106i1 proto dhcp src 10.1.101.125 metric 1077
default via 10.1.101.1 dev fwln110i1 proto dhcp src 10.1.101.132 metric 1081
default via 10.1.101.1 dev fwln115i1 proto dhcp src 10.1.101.216 metric 1085
default via 10.1.101.1 dev fwln116i1 proto dhcp src 10.1.101.144 metric 1089
default via 10.1.101.1 dev fwln117i1 proto dhcp src 10.1.101.205 metric 1093
default via 10.1.101.1 dev fwln118i1 proto dhcp src 10.1.101.59 metric 1097
default via 10.1.101.1 dev fwln121i0 proto dhcp src 10.1.101.173 metric 1113
10.1.101.0/24 dev fwln106i1 proto dhcp scope link src 10.1.101.125 metric 1077
10.1.101.0/24 dev fwln110i1 proto dhcp scope link src 10.1.101.132 metric 1081
10.1.101.0/24 dev fwln115i1 proto dhcp scope link src 10.1.101.216 metric 1085
10.1.101.0/24 dev fwln116i1 proto dhcp scope link src 10.1.101.144 metric 1089
10.1.101.0/24 dev fwln117i1 proto dhcp scope link src 10.1.101.205 metric 1093
10.1.101.0/24 dev fwln118i1 proto dhcp scope link src 10.1.101.59 metric 1097
10.1.101.0/24 dev fwln121i0 proto dhcp scope link src 10.1.101.173 metric 1113
169.254.0.0/16 dev veth102i1 scope link src 169.254.202.253 metric 1065
169.254.0.0/16 dev veth103i1 scope link src 169.254.246.98 metric 1066
169.254.0.0/16 dev veth105i1 scope link src 169.254.62.231 metric 1067
169.254.0.0/16 dev veth107i1 scope link src 169.254.154.237 metric 1068
169.254.0.0/16 dev fwpr107p1 scope link src 169.254.169.128 metric 1070
169.254.0.0/16 dev veth104i1 scope link src 169.254.146.165 metric 1073
169.254.0.0/16 dev veth106i1 scope link src 169.254.170.108 metric 1074
169.254.0.0/16 dev fwpr106p1 scope link src 169.254.157.57 metric 1076
169.254.0.0/16 dev veth110i1 scope link src 169.254.48.159 metric 1078
169.254.0.0/16 dev fwpr110p1 scope link src 169.254.195.90 metric 1080
169.254.0.0/16 dev veth115i1 scope link src 169.254.138.131 metric 1082
169.254.0.0/16 dev fwpr115p1 scope link src 169.254.162.139 metric 1084
169.254.0.0/16 dev veth116i1 scope link src 169.254.125.93 metric 1086
169.254.0.0/16 dev fwpr116p1 scope link src 169.254.134.127 metric 1088
169.254.0.0/16 dev veth117i1 scope link src 169.254.128.83 metric 1090
169.254.0.0/16 dev fwpr117p1 scope link src 169.254.239.90 metric 1092
169.254.0.0/16 dev veth118i1 scope link src 169.254.71.75 metric 1094
169.254.0.0/16 dev fwpr118p1 scope link src 169.254.248.2 metric 1096
169.254.0.0/16 dev veth121i0 scope link src 169.254.14.228 metric 1110
169.254.0.0/16 dev fwpr121p0 scope link src 169.254.30.40 metric 1112
169.254.0.0/16 dev veth122i1 scope link src 169.254.89.230 metric 1131
169.254.0.0/16 dev fwpr122p1 scope link src 169.254.119.164 metric 1133
169.254.0.0/16 dev veth119i1 scope link src 169.254.225.67 metric 1166
169.254.0.0/16 dev veth124i1 scope link src 169.254.108.189 metric 1175
169.254.0.0/16 dev fwpr124p1 scope link src 169.254.253.168 metric 1177
169.254.0.0/16 dev veth123i1 scope link src 169.254.197.53 metric 1180
169.254.0.0/16 dev veth125i1 scope link src 169.254.14.139 metric 1191
169.254.0.0/16 dev veth2001i1 scope link src 169.254.38.34 metric 1195
192.168.178.0/24 dev vmbr0 proto kernel scope link src 192.168.178.12

I can connect to these LXC's from other hosts in 192.168.178.0/24, just not from the proxmox host.

Any help is appreciated!
Thank you

 

[dekiesel]

So I think the issue might be here, in /etc/network/interfaces

bridge-vids 2-4094

The VLAN that the host sits on is not part of the allowed VLANs. I am running proxmox on a miniPC with one NIC. Is it safe to change the vids to

bridge-vids 1-4094

so that VLAN 1 is included?