SDN setup help

[gdawson]

We are trying to set up an in-house demo of Proxmox in the hopes of moving away from VMware.
I've got two hosts set up in a cluster, iSCSI connections via multipath to our Nimble are working well, and the networking on the hosts seems fine, it's when we try to implement the SDN features that things seem to go sideways.
To start, configuration looks like this on both servers:
nic0 and nic1 are in a bond, bond0. bond0 is part of a bridge, vmbr0, which is assigned a static IP on a local network.
On the Datacenter, we have a VLAN zone labeled Main that points to vmbr0. The zone has a Vnet, vnet0 that is tagged for VLAN 10. I have tried having the vnet be VLAN aware, also tried setting up subnets and enabling SNAT, but so far I haven't found a configuration that will let my test VM get a DHCP address.
If I connect the VM directly to vmbr0 it can access the network, but not if I put it on vnet0.
I have found articles that had me install dhcp-helper and point that at my DHCP server, and I have also added ipv4 forwarding to vmbr0 in /etc/network/interfaces. Again, so far, nothing has worked to get the VM out using vnet0. I feel like I'm probably missing something fundamental, and would appreciate some input on how best to go about troubleshooting this issue.

 

[SteveITS]

Is the VLAN set up in your switch? Where is the DHCP server?

 

[gdawson]

Hi Steve,
The DHCP server is on VLAN 10.
Your question about the switch prompted some further investigation on my part. The switchport was tagged for VLAN 10, which wasn't what I would have wanted down the road. That has now been changed to be a trunked port, and I updated the Proxmox network configuration to have the main server IP on bond0.10 rather than on the bridge. That seemed to be the preferred configuration according to Debian documentation, and it is working to access the management interface. Still no access for the guest, however.

 

[gdawson]

Having learned some things about using tcpdump, it appears that my VM guests are able to send traffic out. For example, I can see DHCP packets transmitting out of vmbr0, out of bond0, as well as responses on bond0. No responses on vmbr0, however. I'm dropping my sdn and interfaces files below for reference.


sdn:
auto vnet10
iface vnet10
bridge_ports vmbr0.10
bridge_stp off
bridge_fd 0

auto vnet100
iface vnet100
bridge_ports vmbr0.100
bridge_stp off
bridge_fd 0

auto vnet200
iface vnet200
bridge_ports vmbr0.200
bridge_stp off
bridge_fd 0

auto vnet30
iface vnet30
bridge_ports vmbr0.30
bridge_stp off
bridge_fd 0
bridge-vids 2-4094

auto vnet50
iface vnet50
bridge_ports vmbr0.50
bridge_stp off
bridge_fd 0

interfaces:
auto lo
iface lo inet loopback

auto nic0
iface nic0 inet manual

auto nic1
iface nic1 inet manual

auto bond0
iface bond0 inet manual
bond-slaves nic0 nic1
bond-miimon 100
bond-mode balance-alb
#VM and Management Bond

auto bond0.10
iface bond0.10 inet static
address 10.50.2.51/24
gateway 10.50.2.1
#Management VLAN

auto vmbr0
iface vmbr0 inet static
bridge-ports bond0
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up echo 1 > /proc/sys/net/ipv4/conf/vmbr0/proxy_arp
#VM and Management Interface