Dear all,
First, please excuse my ignorance regarding networks and firewalls, resp. my inability to use the search function, as I am afraid I found a similar issue in the past, which I cannot find again.
We have a PVE cluster, in which one of the nodes hosts a VM configured as a router with iptables, let us call it RVM. This iptables setup has been used in the past on physical machines; the issue I am going to describe was not observed in the physical incarnations.
The RVM is configured with two NICs, internal and external, attached to the corresponding bridges on the PVE node; NAT is configured via iptables. Other hosts attached to the internal network get the RVM as the gateway, and could access the external network through it.
The problem is that, apparently randomly, that internal network becomes unreachable for host A, i.e., A cannot ping RVM anymore (A is a random host attached to the internal network). However, if I log in on RVM and ping A, after that A is able to ping RVM again. A could be on the same PVE host or another cluster member.
If it matters, we do not use VLANs, simply different IP ranges for the internal and external networks.
Anyone with similar experience, resp. an idea where to look?
Any hint is highly appreciated; this issue is killing us.
Thanks in advance.
Cheers,
mirsha
P.S. Wrote in English for simplicity, but German is also fine.