Two Proxmox and GRE tunnel

S

Serhii

New Member
Feb 19, 2024
1
0
1
45
Greetings dear community.
Maybe they can help me here.
So, the configuration.
I have two configured Proxmox 8.x.y servers
Each has its own network:
Proxmox-A:
ext_IP: 135.x.y.z
int_IP: 10.13.132.1
int_network: 10.13.132.0/24

Proxmox-B:
ext_IP: 155.x.y.z
int_IP: 10.16.134.1
int_network: 10.16.134.0/24

Between two servers raised GRE a tunnel with a separate network. ( Left:192.168.100.1/32, Right:192.168.100.2
It all looks like this:
---------------------------------------------------------------------
VM ---- PROX-A --- INTERNET --- PROX-B ---- VM
| ------ GRE tunel -------|
---------------------------------------------------------------------
The problem I encountered is that the servers see each other, and the virtual machines do not even see the server on the other side.
I add the tcpdump. In my opinion, very strange behavior.
Maybe I'm missing something.
I am asking for help, dear community.

Bash: 
21:13:47.946469 tap102i0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 1, length 64
21:13:47.946473 fwln102i0 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 1, length 64
21:13:47.946474 fwpr102p0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 1, length 64
21:13:47.946474 vnet0 In  IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 1, length 64
21:13:47.946491 gre30 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 1, length 64
21:13:47.946947 gre30 In  IP 10.13.132.1 > 10.16.134.4: ICMP echo reply, id 13877, seq 1, length 64
---------------------------------
21:13:48.965810 tap102i0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 2, length 64
21:13:48.965817 fwln102i0 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 2, length 64
21:13:48.965819 fwpr102p0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 2, length 64
21:13:48.965819 vnet0 In  IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 2, length 64
21:13:48.965835 gre30 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 2, length 64
21:13:48.966326 gre30 In  IP 10.13.132.1 > 10.16.134.4: ICMP echo reply, id 13877, seq 2, length 64
---------------------------------
21:13:49.986001 tap102i0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 3, length 64
21:13:49.986007 fwln102i0 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 3, length 64
21:13:49.986009 fwpr102p0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 3, length 64
21:13:49.986009 vnet0 In  IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 3, length 64
21:13:49.986021 gre30 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 3, length 64
21:13:49.986271 gre30 In  IP 10.13.132.1 > 10.16.134.4: ICMP echo reply, id 13877, seq 3, length 64
21:13:51.009816 tap102i0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 4, length 64
21:13:51.009823 fwln102i0 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 4, length 64
21:13:51.009825 fwpr102p0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 4, length 64
21:13:51.009825 vnet0 In  IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 4, length 64
21:13:51.009839 gre30 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 4, length 64
21:13:51.010273 gre30 In  IP 10.13.132.1 > 10.16.134.4: ICMP echo reply, id 13877, seq 4, length 64
21:13:52.033791 tap102i0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 5, length 64
21:13:52.033794 fwln102i0 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 5, length 64
21:13:52.033795 fwpr102p0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 5, length 64
21:13:52.033795 vnet0 In  IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 5, length 64
21:13:52.033806 gre30 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 5, length 64
21:13:52.034239 gre30 In  IP 10.13.132.1 > 10.16.134.4: ICMP echo reply, id 13877, seq 5, length 64
21:13:53.061797 tap102i0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 6, length 64
21:13:53.061800 fwln102i0 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 6, length 64
21:13:53.061801 fwpr102p0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 6, length 64
21:13:53.061801 vnet0 In  IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 6, length 64
21:13:53.061815 gre30 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 6, length 64
21:13:53.062253 gre30 In  IP 10.13.132.1 > 10.16.134.4: ICMP echo reply, id 13877, seq 6, length 64
21:13:54.081837 tap102i0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 7, length 64
21:13:54.081850 fwln102i0 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 7, length 64
21:13:54.081854 fwpr102p0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 7, length 64
21:13:54.081854 vnet0 In  IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 7, length 64
21:13:54.081873 gre30 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 7, length 64
21:13:54.082311 gre30 In  IP 10.13.132.1 > 10.16.134.4: ICMP echo reply, id 13877, seq 7, length 64
21:13:55.105852 tap102i0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 8, length 64
21:13:55.105866 fwln102i0 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 8, length 64
21:13:55.105868 fwpr102p0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 8, length 64
21:13:55.105868 vnet0 In  IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 8, length 64
21:13:55.105886 gre30 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 8, length 64
21:13:55.106332 gre30 In  IP 10.13.132.1 > 10.16.134.4: ICMP echo reply, id 13877, seq 8, length 64
21:13:56.129848 tap102i0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 9, length 64
21:13:56.129857 fwln102i0 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 9, length 64
21:13:56.129859 fwpr102p0 P   IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 9, length 64
21:13:56.129859 vnet0 In  IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 9, length 64
21:13:56.129873 gre30 Out IP 10.16.134.4 > 10.13.132.1: ICMP echo request, id 13877, seq 9, length 64


P.S 10.16.134.4 - This is the IP address of the virtual machine. The servers themselves see each other through the IP of the tunnel and through the IP of the internal network.

Routing on the left server
Bash: 
default via 135.x.y.z dev vmbr0 proto kernel onlink
10.13.132.0/24 dev vnet0 proto kernel scope link src 10.13.132.1
10.16.134.0/24 via 192.168.100.2 dev gre30
135.135.x.y.z/26 dev vmbr0 proto kernel scope link src 135.135.x.y.w
192.168.100.0/30 dev gre30 proto kernel scope link src 192.168.100.1

Routing on server on the right
Bash: 
default via 155.x.y.z dev vmbr0 proto kernel onlink
10.13.132.0/24 via 192.168.100.1 dev gre30
10.16.134.0/24 dev vnet0 proto kernel scope link src 10.16.134.1
155.x.y.z/26 dev vmbr0 proto kernel scope link src 155.x.y.w
192.168.100.0/30 dev gre30 proto kernel scope link src 192.168.100.2

iFace gre30 left server
Bash: 
auto gre30
  iface gre30 inet tunnel
  address 192.168.100.1
  netmask 255.255.255.252
  mode gre
  local  135.x.y.z
  endpoint 155.x.y.z
  ttl 255
  post-up ip route add 10.16.134.0/24 via 192.168.100.2 dev gre30

iFace gre30 rigt server
Bash: 
auto gre30
  iface gre30 inet tunnel
  address 192.168.100.2
  netmask 255.255.255.252
  mode gre
  local  155.x.y.z
  endpoint 135.x.y.z
  ttl 255
  post-up ip route add 10.13.132.0/24 via 192.168.100.1 dev gre30
 
Last edited:
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back