SDN VLAN Zone with VNet Error

[ArmoredJP]

I am having trouble configuring a VLAN VNet for my virtual machines using Proxmox SDN. After adding a zone and vnet I get the following error on some hosts: "error vmbr0"

For example, the VMNet has the error on this host:


But it succeeds on this host:


All my hosts have the referenced vmbr0 linux bridge configured. For example, the host with the error has this configuration:


The configuration is not any different from a host where the vnet is successfully configured:


I have created a zone called HomeNet that uses the vmbr0 bridge:


Within that zone I created a vnet with a vlan tag:



I don't know what's causing the error and I can't find any error logs that would point me in the right direction. Any help would be appreciated.

 

[akiuni]

Hello ArmorerJP

I have exactly the same problem here (with PVE 8.3.5)
The Apply succeed on all nodes excepted one with same error (error vmbr0). configurations are the same.

Unfortunately, I don't have the solution but I have a strong clue.

All my nodes have keepalived installed to share a virtual ip address with VRRP. This virtual ip is switching to other nodes when the SDN apply occures because it restarts the networking layer and the "faulty" node (the one with the zone in error) is always the one which got the virtual ip address.

To confirm that, I've tried to stop keepalived on all nodes excepted one and this latter always becomes the faulty node, whatever the node I choose.

So I think that this looks like a conflict with another netwoking tool (keepalived in my case).

Could you confirm you have a similar situation ?

 

[ArmoredJP]

Thank you akiuni, that is indeed the case! I do have keepalived running on all the hosts as they share a couple of ip addresses for ceph ingress. Unfortunately I can't remove the virtual ip addresses since they are in use by ceph .

Seems like a bug so maybe proxmox can fix it?

 

[akiuni]

Yes I agree with you, I don't find any open bug on this and it's all perl scripts (I'm not good in perl...)
I see you that are a proxmox subscriber, maybe you could you open a case ?

I've opened a bug on the community bugzilla: https://bugzilla.proxmox.com/show_bug.cgi?id=6259

 

[akiuni]

Hello,

Fyi I've bypassed this error with the following patch on all my proxmox nodes.
This is not really a good solution because it may have border effectes but it's working.

--- /usr/share/ifupdown2/lib/nlcache.py-dist     2025-04-01 09:34:30.411085540 +0200
+++ /usr/share/ifupdown2/lib/nlcache.py  2025-04-01 09:38:41.727038475 +0200
@@ -1949,8 +1949,8 @@
             if addr in config_addrs:
                 managed_addresses.append(addr)
 
-            elif not addr.scope & Route.RT_SCOPE_LINK:
-                managed_addresses.append(addr)
+            # elif not addr.scope & Route.RT_SCOPE_LINK:
+            #     managed_addresses.append(addr)
 
         return managed_addresses