TLDR;
Sending packets from VM to WAN like 8.8.8.8 can be listen to on PROXMOX Server but isn't be receiveable by VM - 100% packet loss for VM
_____
Hi,
first of all I like to say "Hello" while being new here.
I am using Proxmox for the first time and we are trying to do some testings.
Since years we are using VMware for virtualisation and cluster.
My setup is as follows:
A.) Hardware with 4 CPU and 2 NETWORK interface
B.) INTERFACE 0 [80:WW:XX:YY:ZZ:60] = enp3s0 => vmbr0 == WAN
C.) INTERFACE 1 [other MAC] = enp5s0 => vmbr1 == LAN
We get the WAN IP v4 and v6 from our ISP via DHCP.
I am currently using "Unitymedia" and have a ConnectBox attached in "ModemMode"
When using the hardware with my standard Debian Router configuration, everything works fine.
/etc/network/interfaces on PROXMOX Server
All Firewalls, ebtables, options etc. on PROXMOX are disabled.
pve-firewall status => disabled/running
I have create a VM and used the Ubuntu-Server-1804-ISO to install the system.
Just standard installation for testing - nothing set other than default
The network adapters in VM are configured as
Network Device (net0) => virtio (80:WW:XX:YY:ZZ:60, bridge=vmbr0)
Network Device (net1) => virtio (generated MAC, bridge=vmbr1)
Attention: to get a working DHCP Request on the WAN Interface I had to use the SAME MAC Address an the VirtIO Adapter as from the regular hardware interface. I am not sure if this is correct?
____
What happens:
When starting the Ubuntu VM the system will boot correctly and receive its WAN IP from ISP by DHCP on net0 (ens18).
On net1 (ens19) we have configured a local 10.x.x.x/24 network.
/etc/netplan/50-cloud-init.yaml
____
When pinging a system outside the WAN Interface and logging via tcpdump on PROXMOX Console I see correct outgoing and incoming packets:
on PROXMOX console:
tcpdump -n -i vmbr0 | grep -i icmp | egrep '(1\.2\.3\.4|8\.8\.8\.8)'
for ping 8.8.8.8 from Ubuntu VM
I got the outgoing and incoming packets on the PROXMOX console (BUT NOT INSIDE UBUNTU VM).
That means, Ubuntu ping will show 100% LOSS because none of these packets will come into the VM.
_____
I did not really found more stuff on that and hope that someone may guide me to a solution.
Thanks in advance
Tom
P.S.: I also tried things like:
But always same result - no traffic from WAN enters the VM
Sending packets from VM to WAN like 8.8.8.8 can be listen to on PROXMOX Server but isn't be receiveable by VM - 100% packet loss for VM
_____
Hi,
first of all I like to say "Hello" while being new here.
I am using Proxmox for the first time and we are trying to do some testings.
Since years we are using VMware for virtualisation and cluster.
My setup is as follows:
A.) Hardware with 4 CPU and 2 NETWORK interface
B.) INTERFACE 0 [80:WW:XX:YY:ZZ:60] = enp3s0 => vmbr0 == WAN
C.) INTERFACE 1 [other MAC] = enp5s0 => vmbr1 == LAN
We get the WAN IP v4 and v6 from our ISP via DHCP.
I am currently using "Unitymedia" and have a ConnectBox attached in "ModemMode"
When using the hardware with my standard Debian Router configuration, everything works fine.
/etc/network/interfaces on PROXMOX Server
Code:
auto lo
iface lo inet loopback
# WAN WIRE CONNECTED
iface enp3s0 inet manual
# LAN WIRE CONNECTED
iface enp5s0 inet manual
# WAN
auto vmbr0
iface vmbr0 inet manual
bridge-ports enp3s0
bridge-stp off
bridge-fd 0
# LAN
auto vmbr1
iface vmbr1 inet static
address 10.255.255.10
netmask 255.255.255.0
bridge-ports enp5s0
bridge-stp off
bridge-fd 0
All Firewalls, ebtables, options etc. on PROXMOX are disabled.
pve-firewall status => disabled/running
I have create a VM and used the Ubuntu-Server-1804-ISO to install the system.
Just standard installation for testing - nothing set other than default
The network adapters in VM are configured as
Network Device (net0) => virtio (80:WW:XX:YY:ZZ:60, bridge=vmbr0)
Network Device (net1) => virtio (generated MAC, bridge=vmbr1)
Attention: to get a working DHCP Request on the WAN Interface I had to use the SAME MAC Address an the VirtIO Adapter as from the regular hardware interface. I am not sure if this is correct?
____
What happens:
When starting the Ubuntu VM the system will boot correctly and receive its WAN IP from ISP by DHCP on net0 (ens18).
On net1 (ens19) we have configured a local 10.x.x.x/24 network.
/etc/netplan/50-cloud-init.yaml
Code:
network:
ethernets:
ens18:
dhcp4: true
ens19:
addresses:
- 10.255.255.9/24
nameservers: {}
version: 2
____
When pinging a system outside the WAN Interface and logging via tcpdump on PROXMOX Console I see correct outgoing and incoming packets:
on PROXMOX console:
tcpdump -n -i vmbr0 | grep -i icmp | egrep '(1\.2\.3\.4|8\.8\.8\.8)'
for ping 8.8.8.8 from Ubuntu VM
Code:
17:18:04.854175 IP 44.55.66.16 > 8.8.8.8: ICMP echo request, id 1439, seq 1, length 64
17:18:04.876269 IP 8.8.8.8 > 44.55.66.16: ICMP echo reply, id 1439, seq 1, length 64
17:18:05.862521 IP 44.55.66.16 > 8.8.8.8: ICMP echo request, id 1439, seq 2, length 64
17:18:05.885419 IP 8.8.8.8 > 44.55.66.16: ICMP echo reply, id 1439, seq 2, length 64
17:18:06.886534 IP 44.55.66.16 > 8.8.8.8: ICMP echo request, id 1439, seq 3, length 64
17:18:06.901289 IP 8.8.8.8 > 44.55.66.16: ICMP echo reply, id 1439, seq 3, length 64
17:18:07.910529 IP 44.55.66.16 > 8.8.8.8: ICMP echo request, id 1439, seq 4, length 64
17:18:07.924144 IP 8.8.8.8 > 44.55.66.16: ICMP echo reply, id 1439, seq 4, length 64
I got the outgoing and incoming packets on the PROXMOX console (BUT NOT INSIDE UBUNTU VM).
That means, Ubuntu ping will show 100% LOSS because none of these packets will come into the VM.
_____
I did not really found more stuff on that and hope that someone may guide me to a solution.
Thanks in advance
Tom
P.S.: I also tried things like:
Code:
pve-firewall stop
echo 0 > /proc/sys/net/bridge/bridge-nf-call-iptables
echo 1 > /proc/sys/net/ipv4/ip_forward
But always same result - no traffic from WAN enters the VM
Last edited: