SDN Simple Network - VM/CTs can't breakout

N

nickjk

New Member
Mar 18, 2024
4
0
1
Good day,

I am fairly new to Proxmox, busy evaluating it as a possible replacement for our hosting platform. I am testing out the Simple vNET functionality of SDN on Proxmox 8.1.4 (fresh install).

I have followed this guide: https://pve.proxmox.com/wiki/Setup_Simple_Zone_With_SNAT_and_DHCP

I have created the Simple vNET and the subnet with source NAT enabled but my devices cannot reach out of the simple network. Devices internally can ping each other, they can ping the gateway and can even ping my Proxmox management IP address. However any other device on the wider external network or internet is unreachable.

Simple vNET subnet: 192.168.200.0/24
Simple vNET gateway: 192.168.200.1
Proxmox management IP: 192.168.0.210

Output of cat /etc/network/interfaces.d/sdn

Code: 
#version:38


auto ln_vLAN1
iface ln_vLAN1
        ovs_type OVSIntPort
        ovs_bridge vmbr0
        ovs_mtu 9000
        ovs_options tag=1


auto vLAN1
iface vLAN1
        bridge_ports ln_vLAN1
        bridge_stp off
        bridge_fd 0
        mtu 9000
        alias Infrastructure vLAN


auto vNet1
iface vNet1
        address 192.168.200.1/24
        post-up iptables -t nat -A POSTROUTING -s '192.168.200.0/24' -o enp1s0f0 -j SNAT --to-source 192.168.0.210
        post-down iptables -t nat -D POSTROUTING -s '192.168.200.0/24' -o enp1s0f0 -j SNAT --to-source 192.168.0.210
        post-up iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1
        post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1
        bridge_ports none
        bridge_stp off
        bridge_fd 0
        mtu 1460
        alias Simple SDN vNet Test
        ip-forward on


auto vmbr0
iface vmbr0
        ovs_ports ln_vLAN1


I have also got some OVS bridges setup but they are on completely different physical NICs to the Proxmox management interface.

I have tried with the PVE firewall enable or disabled and with various rules (allow all in/out specifically) just to try get it working. I am at a bit of a loss of where to look next.
If anyone can point me in the right direction I would greatly appreciate it. I know a simple SDN network is not typically used in the hosting environment but I do want to test the functionality.

Thank you for any assistance.

Regards,

Nick
 
Thank you _gabriel,

Please see the output below:

Code: 
# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage parts of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT read its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!

auto lo
iface lo inet loopback

auto enp1s0f0
iface enp1s0f0 inet static
        address 192.168.0.210/24
        gateway 192.168.0.254

iface enp1s0f1 inet manual

iface enp129s0f0 inet manual

iface enp129s0f1 inet manual

iface enp129s0f2 inet manual

auto enp129s0f3
iface enp129s0f3 inet manual
        ovs_type OVSPort
        ovs_bridge vmbr1
#Reverse Proxy Port

auto eno1np0
iface eno1np0 inet manual
        ovs_type OVSPort
        ovs_bridge vmbr0
        ovs_mtu 9000

iface eno2np1 inet manual
        mtu 9000

auto vmbr1
iface vmbr1 inet manual
        ovs_type OVSBridge
        ovs_ports enp129s0f3
#Reverse Proxy Bridge

auto vmbr0
iface vmbr0 inet manual
        ovs_type OVSBridge
        ovs_ports eno1np0
        ovs_mtu 9000

auto vmbr2
iface vmbr2 inet manual
        bridge-ports eno2np1
        bridge-stp off
        bridge-fd 0
        mtu 9000
 
i hear in another post, snat sdn not working with ovs interfaces. i do not test yet

i have same issues with simple vnet, my vm's not outgoing to internet
 
_gabriel said:
indeed SDN doesn't work with OVS
https://forum.proxmox.com/threads/proxmox-sdn-openvswitch-and-linux-bridges.134698/post-639498


as always, post configs , no one can guess !
Post into [CODE][/CODE] tags (no screenshots) output of
Code: 
cat /etc/network/interfaces
cat /etc/network/interfaces.d/sdn
head -n-0 * /etc/pve/sdn
Click to expand...
thanks for your answer.
I did some changes on my network interfaces removing OVS and now is working correctly my simple vnet with SNAT.

Im just trying to help nickjk issues :D
 
Thank you Gabriel and Jbarriga, I will test this out on the weekend and report back.

I appreciate the help.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom