[SOLVED] unresponsive VM with dual NIC

[aqwserf]

Hello,

I don't know if my problem is related to Proxmox, and if it's not, sorry in advance, I'll ask the question on another forum.

With containment, I'm trying to reorganize my network, and here's what I want to get:



Everything works fine for now, except when I setup a LXC container with both NIC: one on ADM and one on MYDOMAIN (share, wiki...). They both managed to get an IP from their respective DHCP (eth0.1000 and eth0.1200), but once the MYDOMAIN IP is up, the ADM ip becomes unresponsive from my main computer located on MYDOMAIN.

After some debugging, I think I've figured out why: as the connection to the IP on ADM comes from an IP on MYDOMAIN, and it has also an IP on MYDOMAIN, it tries to respond on this one instead of routing throw the ADM one.

I can receive the connection from my main computer and the container, but nothing goes out:

root@share:~# tcpdump -i eth0 -n
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
17:19:52.568114 IP 192.168.1.12.58966 > 192.168.3.132.8000: Flags [S], seq 2387158420, win 64240, options [mss 1460,sackOK,TS val 2355373463 ecr 0,nop,wscale 7], length 0

Just in case, here's my proxmox configuration:

* /etc/network/interfaces

auto lo
iface lo inet loopback

iface idrac inet manual

iface enp2s0f0 inet manual

iface enp2s0f1 inet manual

iface eno1 inet manual

iface eno2 inet manual

auto vmbr0
iface vmbr0 inet dhcp
    bridge-ports eno1
    bridge-stp off
    bridge-fd 0
#admin

auto vmbr1
iface vmbr1 inet manual
    bridge-ports enp2s0f0
    bridge-stp off
    bridge-fd 0
#mydomain

* /etc/pve/lxc/100.conf

arch: amd64
cores: 1
features: mount=nfs,nesting=1
hostname: share
memory: 512
mp0: /mnt/loose/nas/,mp=/data
net0: name=eth0,bridge=vmbr0,hwaddr=AE:5E:3D:CE:36:35,ip=dhcp,type=veth
net1: name=eth1,bridge=vmbr1,hwaddr=3A:82:E6:95:B4:53,ip=dhcp,type=veth
ostype: debian
rootfs: local-lvm:vm-100-disk-0,size=8G
swap: 512

A possible solution would be to tagged the eth0.1000 interface with VLAN 1200 and add an interface on my laptop but if someone has another solution, I'd be grateful !

Thank you.

 

[gmed]

Hi,

how is /etc/network/interfaces of the container?
What shows "ip route" within the container?

 

[aqwserf]

thanks !
here are the configurations:

root@share:~# cat /etc/network/interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet dhcp

root@share:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.2.254  0.0.0.0         UG    0      0        0 eth0
192.168.2.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.1.0    0.0.0.0         255.255.255.0   U     0      0        0 eth1

I'm not even sure if it's possible.

Anyway, I finally tagged my mydomain interface with the adm one and I can have an interface on my laptop directly connected to it, so if anyone has a another solution, I'd be glad to hear it, but problem solved

EDIT:
here's the "ip route" as requested, not "route -n":

root@share:~# ip route
default via 192.168.2.254 dev eth0
192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.132
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.110

 

[gmed]

According to your schematics, the adm-net has 192.168.3.0/24 but your CT has ip from 192.168.2.0/24 net???

 

[aqwserf]

Yes, that's a mistake as I modified it because I use other IP range, and I wanted my post to be as simple as possible