[SOLVED] Routing Problem

P

proximoxi

Active Member
Aug 24, 2018
18
0
41
38
Hi there

got a little problem and hope you can help me :)

I added a new Bridge (vmbr1) as a Trunk.

network.png

Setup:
  • Proxmox Server (vmbr0) 10.0.0.10
  • VM2 (vmbr0) IP 10.0.0.20
  • VM1 (vmbr1 - tagged VLAN 20) IP 10.0.20.10

Problem:

Proxmox Server can't Ping in the 10.0.20.0/24 Net.

VM1 can ping VM2 but not Proxmox Server
VM2 can ping VM1 and can ping Proxmox Server


Code: 
auto lo
iface lo inet loopback

allow-hotplug enp0s31f6

iface enp0s31f6 inet static

iface enp4s0 inet manual

iface enp5s0 inet manual

iface enp6s0 inet manual

iface enp7s0 inet manual

auto vmbr0
iface vmbr0 inet static
        address  10.0.0.10
        netmask  24
        gateway  10.0.0.254
        bridge-ports enp0s31f6
        bridge-stp off
        bridge-fd 0

auto vmbr1
iface vmbr1 inet static
        address  10.0.20.0
        netmask  24
        bridge-ports enp4s0
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094

I read the config in the FAQ
https://pve.proxmox.com/wiki/Network_Configuration#_vlan_802_1q

But i din't get it :)

can you help me?
 
If the Proxmox VE server should have an IP in the 10.0.20.0/24 subnet you must give it an IP in the network's range. The currently configured IP is the network address and not a valid IP for a device. The last octet must be something between 1 and 254.

If the Proxmox VE server should not have an IP in the 10.0.20.0/24 network remove the current address and netmask config from vmbr1. Then the pings should go via the default router.
 
Hello aaron
Thank you for you Reply. I think i describe the Problem too bad.


The Host (10.0.0.10) is running on vmbr0 without VLAN.
The VM1 (10.0.0.150) is running von vmbr0 without VLAN.

They can Ping each other and 8.8.8.8, no Problem there...
______________________________________

VM2 (10.0.20.250) is running on vmbr1 with VLAN tagging.

VM2 can ping 8.8.8.8, can ping google.com but can NOT ping the Host.

Host can NOT Ping VM2...

some infos:

HOST:
Code: 
root@host:~# ip route
default via 10.0.0.254 dev vmbr0 proto kernel onlink
10.0.0.0/24 dev vmbr0 proto kernel scope link src 10.0.0.10
10.0.20.0/24 dev vmbr20 proto kernel scope link src 10.0.20.0

root@host:~# ping 10.0.0.150
PING 10.0.0.150 (10.0.0.150) 56(84) bytes of data.
64 bytes from 10.0.0.150: icmp_seq=1 ttl=64 time=0.122 ms

root@host:~# ping 10.0.20.250
PING 10.0.20.250 (10.0.20.250) 56(84) bytes of data.
From 10.0.20.0 icmp_seq=1 Destination Host Unreachable

root@host:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=51 time=1.67 ms

VM2:

Code: 
root@VM2:~# ip route
default via 10.0.20.254 dev ens19 onlink
10.0.20.0/24 dev ens19 proto kernel scope link src 10.0.20.250

root@VM2:~# ping 10.0.0.150
PING 10.0.0.150 (10.0.0.150) 56(84) bytes of data.
64 bytes from 10.0.0.150: icmp_seq=1 ttl=63 time=0.615 ms

root@VM2:~# ping 10.0.0.10
PING 10.0.0.10 (10.0.0.10) 56(84) bytes of data.
64 bytes from 10.0.0.10: icmp_seq=1 ttl=64 time=0.591 ms  (this is too strange for me, why in this way is working?)

root@VM2:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=51 time=1.77 ms

root@VM2:~# ssh 10.0.0.10 -p 22
ssh: connect to host 10.0.0.10 port 22: Connection refused
root@VM2:~#

Host can Ping another dedicated Server in the VLAN20

Code: 
root@host:~# ping 10.0.20.251
PING 10.0.20.251 (10.0.20.251) 56(84) bytes of data.
64 bytes from 10.0.20.251: icmp_seq=1 ttl=64 time=0.451 ms

Background Note:
VM2 in this Case is my DNS Server, so the Host need it :eek:)

Can you help me? Is the Problem now well described?

thx
 
Hi,
host need an ip in vlan20 to be able to reach the vm in vlan20.

Code: 
auto vmbr0
iface vmbr0 inet static
        address  10.0.0.10
        netmask  24
        gateway  10.0.0.254
        bridge-ports enp0s31f6
        bridge-stp off
        bridge-fd 0

auto vmbr1
iface vmbr1 inet manual
        bridge-ports enp4s0
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094


auto vmbr1.20
iface vmbr1.20 inet static
        address  10.0.20.X
        netmask  24
 
proximoxi said:
Code: 
iface vmbr1 inet static
        address  10.0.20.0
        netmask  24
Click to expand...
This is not a valid host IP address but the network address according to how subnetting works. See https://www.calculator.net/ip-subne...&cip=10.0.20.0&ctype=ipv4&printit=0&x=73&y=35

So to get to your VM with the tagged VLAN you have these two options:
  1. use @spirit hint above
  2. remove any trace of the 10.0.20.0/24 network on the host, so that there will be no direct route 10.0.20.0/24 dev vmbr20 proto kernel scope link src 10.0.20.0. Then the default gateway will be used. Make sure that your router routes between the two networks (non VLAN and the VLAN one)
 
Hello aaron

Remove the Route did the trick... thank you

Can you maybe explain me, why the existing route has not worked in this case?

Code: 
root@proxmox:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.0.254      0.0.0.0         UG    0      0        0 vmbr0
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 vmbr0
10.0.20.0       0.0.0.0         255.255.255.0   U     0      0        0 vmbr20

ended up in this, is this ok?:

Code: 
source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

allow-hotplug enp0s31f6

iface enp0s31f6 inet static

iface enp4s0 inet manual

iface enp5s0 inet manual

iface enp6s0 inet manual

iface enp7s0 inet manual

iface enp4s0.20 inet manual

auto vmbr0
iface vmbr0 inet static
        address  10.0.0.10
        netmask  24
        gateway  10.0.0.254
        bridge-ports enp0s31f6
        bridge-stp off
        bridge-fd 0

auto vmbr20
iface vmbr20 inet static
        address  10.0.20.0
        netmask  24
        bridge-ports enp4s0.20
        bridge-stp off
        bridge-fd 0
        post-up route del -net 10.0.20.0 netmask 255.255.255.0
#VLAN20

Code: 
root@proxmox:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.0.254      0.0.0.0         UG    0      0        0 vmbr0
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 vmbr0
 
proximoxi said:
Can you maybe explain me, why the existing route has not worked in this case?
Click to expand...
For a few reasons.
  1. You do not have a valid host IP address configured.
  2. Even with a valid host IP it would not have worked because the other host was in a different VLAN, ergo in a different "physical" network.
Please remove the address and netmask from your vmbr20. As I already said this is not a valid IP for a host but the network address. A bridge does not need to have an address configured to function as a switch.

I advise you to read up on subnetting. :) Not every IP address can be used for a host but depending on the subnet they are either the network or broadcast address.
 
aaron said:
You do not have a valid host IP address configured.
Click to expand...

What do you mean with this? 10.0.0.10/24 is a valid IP in my understanding?

aaron said:
Even with a valid host IP it would not have worked because the other host was in a different VLAN, ergo in a different "physical" network.
Click to expand...

then why proxmox add a route if it don't need it?

aaron said:
Please remove the address and netmask from your vmbr20.
Click to expand...
done.

aaron said:
I advise you to read up on subnetting.
Click to expand...
i do :)
 
proximoxi said:
What do you mean with this? 10.0.0.10/24 is a valid IP in my understanding?
Click to expand...
But 10.0.20.0/24 is not.

Code: 
auto vmbr20
iface vmbr20 inet static
        address  10.0.20.0
        netmask  24
        bridge-ports enp4s0.20
        bridge-stp off
        bridge-fd 0
        post-up route del -net 10.0.20.0 netmask 255.255.255.0
I am talking about this section in your network config.
Remove the address and netmask. If you do that you can also remove the post-up line because there will be no route added automatically for the 10.0.20.0/24 network.
 
Great that we managed to clear up the misunderstanding :)

Would you please be so kind and edit the first post to mark the thread as solved?
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back