SDN: "Backend isolated network" DHCP failing without gateway

S

Shlee

New Member
Apr 3, 2023
13
1
3
Hey team, I'm on the latest packages on a enterprise sub.

I want to build a SDN Zone that is private/internally routed only... a nice dumb switch with no internet access.
1702694915248.png

I've added a simple Zone, with a VNET... and added a subnet called BE with a DHCP range
1702695074283.png1702695080490.png

This results in an eth interface with no IPv4 from the DHCP
1702695109522.png

Now.. adding a gateway to the subnet
1702695189398.png

This fixes the DHCP lease for IPv4...
1702695209440.png
but also breaks my routing!
1702695241673.png

I assume this might be worth a bug report in the bugzilla, but I've never used that before (I'll look into it if this issue is not user error)
 

Attachments

  • 1702695007644.png
    1702695007644.png
    15.1 KB · Views: 10
I will confirm.. thank you for catching that

edit: I've fixed the subnet.. but the original issue remains (no IPv4 via DHCP)

1702725733011.png
 
Last edited:
you need an ip on the vnet (currently this is the gatewayip), to be able to receive ip from dhcp. (dhcp server need a source ip address,and currently we reuse same ip than gateway, and a default gw route is also send)


so, your problem is that you have 2 default gw on webwp... ? (do you have 2 interfaces ? if yes, both on vnets with dhcp ?)
 
In short yeah, the gateway isn't actually the problem... it's the fact the route for the VNET seems to be 0.0.0.0/0 instead of the subnet.
I'd expect a second ETH interface to route to the subnet.

example:
Based on my default routes... once I add the secondary internal VNET interface. "BE"
1702774330712.png
I'd want to see `192.168.100.0/24 dev BE` etc etc
 
Last edited:
Shlee said:
In short yeah, the gateway isn't actually the problem... it's the fact the route for the VNET seems to be 0.0.0.0/0 instead of the subnet.
I'd expect a second ETH interface to route to the subnet.

example:
Based on my default routes... once I add the secondary internal VNET interface. "BE"
View attachment 59924
I'd want to see `192.168.100.0/24 dev BE` etc etc
Click to expand...
ok thanks. So It's really that you don't want to receive the default gw on this second interface.
I think it's on the coming roadmap (also managing static routes)

just to be sure, can you try to edit

/etc/dnsmasq.d/<zone>/10-<vnet>.conf (with vnet of the secondary iface)

and remove the first line
"dhcp-option=....option:router,..."

then "systemctl restart dnsmasq@zone"
 
I'm trying to do the same thing! I tried what @spirit recommended and removed the first line from the dnsmasq configuration, then requested a new lease. My VM was still handed a default route on that interface. It's easy enough to tell my systems to ignore the default route in their config but it would be great to not have to do that on every machine I connect to this backend transit network.
 
  • Like
Reactions: jhr
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom