SDN DHCP not working

[TechTronic]

Hello All,

I have a fresh install of 8.4.1 in a datacenter, single ethernet port with a public IP. I'm trying to configure SDN to provide an internal subnet for VMs with DHCP and DNS that allows outside access to the Internet. I followed the guide here: https://pve.proxmox.com/wiki/Setup_Simple_Zone_With_SNAT_and_DHCP and also here: https://cyanlabs.net/tutorials/inst...th-1-ip-using-sdn-and-without-kvm-using-qemu/ (which is pretty much the same guide, reformatted). After setting up the Simple zone, a VNet, a Subnet, and IPAM, VMs are not able to obtain an address via DHCP. I even disabled the firewall at all levels to rule that out, no change.

Any help would be greatly appreciated. Thanks in advance.

 

[hd--]

Did you disable the dnsmasq service systemctl disable --now dnsmasq?
And did you also configure a DHCP range in the subnet?
What is the output of the following command?

systemctl status dnsmasq@<put_in_your_zone_name>.service

 

[TechTronic]

Thanks for the reply. I ended up abandoning the SDN config, and decided to install an OPNsense VM instead.

 

[alpot]

This link https://pve.proxmox.com/wiki/Setup_Simple_Zone_With_SNAT_and_DHCP tells you to install dnsmasq, but then it also says to disable the service. Why?

 

[hd--]

This link https://pve.proxmox.com/wiki/Setup_Simple_Zone_With_SNAT_and_DHCP tells you to install dnsmasq, but then it also says to disable the service. Why?

That is because we enable the dnsmasq systemd template unit per zone and if you do not disable the default systemd service they might disturb each other.

 

[Carontes]

Hello, I'm sorry if I write here after a long time from the last message of this thread but I have the same problem. I've set the SDN and gave it a DHCP range and enabled DHCP, but when I create a LXC or VM giving it the SDN zone name bridge with DHCP enabled I receive no IP, but if I assign a static IP from the DHCP range it receives the IP and everything is fine. I don't understant what I'm doing wrong. Proxmox 8.4.16.

systemctl status dnsmasq@myNET.service
● dnsmasq@myNET.service - dnsmasq (myNET) - A lightweight DHCP and caching DNS server
     Loaded: loaded (/lib/systemd/system/dnsmasq@.service; disabled; preset: enabled)
    Drop-In: /usr/lib/systemd/system/dnsmasq@.service.d
             └─00-dnsmasq-after-networking.conf
     Active: active (running) since Mon 2026-01-12 14:54:43 CET; 5min ago
    Process: 95480 ExecStartPre=/usr/share/dnsmasq/systemd-helper checkconfig myNET (code=exited, status=0/SUCCESS)
    Process: 95485 ExecStart=/usr/share/dnsmasq/systemd-helper exec myNET (code=exited, status=0/SUCCESS)
    Process: 95491 ExecStartPost=/usr/share/dnsmasq/systemd-helper start-resolvconf myNET (code=exited, status=0/SUCCESS)
   Main PID: 95490 (dnsmasq)
      Tasks: 1 (limit: 76362)
     Memory: 748.0K
        CPU: 25ms
     CGroup: /system.slice/system-dnsmasq.slice/dnsmasq@myNET.service
             └─95490 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.myNET.pid -u dnsmasq --local-service --trust-anchor=.,20326,8,2,E06D>

Jan 12 14:54:43 proxmox systemd[1]: Starting dnsmasq@myNET.service - dnsmasq (myNET) - A lightweight DHCP and caching DNS server...
Jan 12 14:54:43 proxmox dnsmasq[95490]: started, version 2.90 cachesize 150
Jan 12 14:54:43 proxmox dnsmasq[95490]: DNS service limited to local subnets
Jan 12 14:54:43 proxmox dnsmasq[95490]: compile time options: IPv6 GNU-getopt DBus no-UBus i18n IDN2 DHCP DHCPv6 no-Lua TFTP conntr>
Jan 12 14:54:43 proxmox dnsmasq[95490]: reading /etc/resolv.conf
Jan 12 14:54:43 proxmox dnsmasq[95490]: using nameserver 192.168.10.16#53
Jan 12 14:54:43 proxmox dnsmasq[95490]: read /etc/hosts - 11 names
Jan 12 14:54:43 proxmox systemd[1]: Started dnsmasq@myNET.service - dnsmasq (myNET) - A lightweight DHCP and caching DNS server.

 

[nikatjef]

EDIT: Found the issue. The SG needed to be applied to the host level firewall, not the VNET firewall

I've set the SDN and gave it a DHCP range and enabled DHCP, but when I create a LXC or VM giving it the SDN zone name bridge with DHCP enabled I receive no IP

I am using Proxmox 9.1.4 and having the same issue. From the test client;


From the server, via tcpdump on the client;


I have created firewall rules that accept port 68 TCP and UDP, just in case. I have added log-dhcp and log-queries to the /etc/dnsmasq.d/sdn/10-sdn0.conf and restarted;


dnsmasq is running without issue;

My SDN config;

 

[Carontes]

Thanks for your reply. My /etc/dnsmasq.d/ folder is empty, I don't see any sdn folder after that only README file. This is my output

root@proxmox:~# dhclient -v vmbr0
Internet Systems Consortium DHCP Client 4.4.3-P1
Copyright 2004-2022 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/vmbr0/c8:ff:bf:00:7a:28
Sending on   LPF/vmbr0/c8:ff:bf:00:7a:28
Sending on   Socket/fallback
DHCPDISCOVER on vmbr0 to 255.255.255.255 port 67 interval 3
DHCPOFFER of 192.168.10.100 from 192.168.10.254
DHCPREQUEST for 192.168.10.100 on vmbr0 to 255.255.255.255 port 67
DHCPACK of 192.168.10.100 from 192.168.10.254
Error: ipv4: Address already assigned.
bound to 192.168.10.100 -- renewal in 37215 seconds.

Also I don't understand where did you get port 68 from.