Something blocking DHCP Offer into VM

firebladed

New Member
Mar 13, 2025
1
0
1
I am part way transitioning a lab from Esxi to proxmox

I have a kea DHCP server, on ubuntu, in one vm serving local network (imported from esxi) which seem to work for normal network

I have a second just installed ubuntu vm that while can use ipv6 does not receive DHCP offers, dhcp requests are sent received and replied to by DHCP server.

I can capture these via tcpdump from a shell on the host ~
Code:
tcpdump port 67 or port 68 -e -n -i vmbr0

Code:
01:58:37.546693 bc:24:11:94:c9:51 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from bc:24:11:94:c9:51, length 300
01:58:37.546754 bc:24:11:94:c9:51 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from bc:24:11:94:c9:51, length 300
01:58:37.547404 00:50:56:91:d5:56 > bc:24:11:94:c9:51, ethertype IPv4 (0x0800), length 496: 192.168.1.1.67 > 192.168.1.88.68: BOOTP/DHCP, Reply, length 454
01:58:37.547665 00:50:56:91:d5:56 > bc:24:11:94:c9:51, ethertype IPv4 (0x0800), length 496: 192.168.1.1.67 > 192.168.1.89.68: BOOTP/DHCP, Reply, length 454

however in the vm im not capturing the offer packets
Code:
sudo tcpdump port 67 or port 68 -e -n
Code:
01:58:36.432134 bc:24:11:94:c9:51 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from bc:24:11:94:c9:51, length 300
01:58:36.432615 bc:24:11:94:c9:51 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from bc:24:11:94:c9:51, length 300

something seems to be blocking them between the host linux bridge and the vm interface but
currently there is no firewall enabled anywhere in proxmox (datacenter, host or vm)


or one configured in the vm
Code:
sudo iptables -L

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

does anyone know or have any suggestions on how to diagnose or fix this?
 
Last edited: