VM Network Traffic is visible to all VM in the same VLAN, but only if they are using VirtIO Network Bridge

Noah0302

Member
Jul 21, 2022
63
9
13
Hello guys,

I am currently facing an Issue in our Proxmox Cluster as described in the Title.
It does not matter on which Node the VMs are on, or if they run Linux or Windows, it happens on every single one.
However LXCs in the same VLAN are not affected, since they dont use the VirtIO Adapter, as far as I can tell.

Here are some Infos on the current Setup:
Pakage Versions on each Node:
Code:
proxmox-ve: 7.4-1 (running kernel: 5.15.108-1-pve)
pve-manager: 7.4-18 (running version: 7.4-18/b1f94095)
pve-kernel-5.15: 7.4-14
pve-kernel-5.15.158-1-pve: 5.15.158-1
pve-kernel-5.15.131-2-pve: 5.15.131-3
pve-kernel-5.15.131-1-pve: 5.15.131-2
pve-kernel-5.15.108-1-pve: 5.15.108-2
pve-kernel-5.15.30-2-pve: 5.15.30-3
ceph: 16.2.15-pve1
ceph-fuse: 16.2.15-pve1
corosync: 3.1.7-pve1
criu: 3.15-1+pve-1
glusterfs-client: 9.2-1
ifupdown2: 3.1.0-1+pmx4
ksm-control-daemon: 1.4-1
libjs-extjs: 7.0.0-1
libknet1: 1.24-pve2
libproxmox-acme-perl: 1.4.4
libproxmox-backup-qemu0: 1.3.1-1
libproxmox-rs-perl: 0.2.1
libpve-access-control: 7.4.3
libpve-apiclient-perl: 3.2-2
libpve-common-perl: 7.4-2
libpve-guest-common-perl: 4.2-4
libpve-http-server-perl: 4.2-3
libpve-rs-perl: 0.7.7
libpve-storage-perl: 7.4-3
libspice-server1: 0.14.3-2.1
lvm2: 2.03.11-2.1
lxc-pve: 5.0.2-2
lxcfs: 5.0.3-pve1
novnc-pve: 1.4.0-1
proxmox-backup-client: 2.4.7-1
proxmox-backup-file-restore: 2.4.7-1
proxmox-kernel-helper: 7.4-1
proxmox-mail-forward: 0.1.1-1
proxmox-mini-journalreader: 1.3-1
proxmox-offline-mirror-helper: 0.5.2
proxmox-widget-toolkit: 3.7.4
pve-cluster: 7.3-3
pve-container: 4.4-7
pve-docs: 7.4-2
pve-edk2-firmware: 3.20230228-4~bpo11+3
pve-firewall: 4.3-5
pve-firmware: 3.6-6
pve-ha-manager: 3.6.1
pve-i18n: 2.12-1
pve-qemu-kvm: 7.2.10-1
pve-xtermjs: 4.16.0-2
qemu-server: 7.4-6
smartmontools: 7.2-pve3
spiceterm: 3.2-2
swtpm: 0.8.0~bpo11+3
vncterm: 1.7-1
zfsutils-linux: 2.1.15-pve1
cat /etc/network/interfaces
Code:
# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage parts of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT read its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!

auto lo
iface lo inet loopback

auto eno1
iface eno1 inet manual
#Port 1 - 1G

auto eno2
iface eno2 inet manual
#Port 2 - 1G

auto eno3
iface eno3 inet manual
#Port 3 - 1G

auto eno4
iface eno4 inet manual
#Port 4 - 1G

iface enx0a94ef038ed7 inet manual

auto ens1f0
iface ens1f0 inet manual
        mtu 9000
#Port 1 - 10G

auto ens1f1
iface ens1f1 inet manual
        mtu 9000
#Port 2 - 10G

auto bond100
iface bond100 inet manual
        bond-slaves eno1 eno3
        bond-miimon 100
        bond-mode balance-alb
#Bond 4G

auto bond900
iface bond900 inet manual
        bond-slaves ens1f0 ens1f1
        bond-miimon 100
        bond-mode balance-alb
        mtu 9000
#Bond 20G

auto bond800
iface bond800 inet manual
        bond-slaves eno2 eno4
        bond-miimon 100
        bond-mode active-backup
        bond-primary eno2
#Corosync

auto vmbr100
iface vmbr100 inet manual
        bridge-ports bond100
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094
#Bridge 4G

auto vmbr900
iface vmbr900 inet manual
        bridge-ports bond900
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094
        mtu 9000
#Bridge 20G

auto vlan900
iface vlan900 inet static
        address 10.10.20.70/24
        mtu 9000
        vlan-raw-device vmbr900
#Cluster / CEPH

auto vlan20
iface vlan20 inet static
        address 172.17.20.70/24
        gateway 172.17.20.1
        vlan-raw-device vmbr100
#Management

auto vlan800
iface vlan800 inet static
        address 10.10.30.70/24
        vlan-raw-device bond800
#Corosync


The Issue does not appear in the following VM-Config:
Code:
agent: 1
boot: order=virtio0;ide2;net0;ide0
cores: 4
ide0: none,media=cdrom
ide2: none,media=cdrom
machine: pc-i440fx-7.1
memory: 4096
meta: creation-qemu=7.1.0,ctime=1682677511
name: Win10-VLAN
net0: e1000=E6:40:24:02:3D:AF,bridge=vmbr100,firewall=1
net1: e1000=2E:41:FB:9C:80:D1,bridge=vmbr100,firewall=1,tag=12
numa: 0
ostype: win10
scsihw: virtio-scsi-single
smbios1: uuid=10e81047-3e0b-43af-ae12-bcd490754eee
sockets: 1
tags: windows
virtio0: SSD-Pool01:vm-102-disk-2,discard=on,iothread=1,size=64G
vmgenid: f5e5c437-ad2e-4cd6-b5ee-bf21a2bff51b

The Issue does appear in the following VM-Config:
Code:
agent: 1
boot: order=virtio0;ide2;net0;ide0
cores: 4
ide0: none,media=cdrom
ide2: none,media=cdrom
machine: pc-i440fx-7.1
memory: 4096
meta: creation-qemu=7.1.0,ctime=1682677511
name: Win10-VLAN
net0: virtio=E6:40:24:02:3D:AF,bridge=vmbr100,firewall=1
net1: virtio=2E:41:FB:9C:80:D1,bridge=vmbr100,firewall=1,tag=12
numa: 0
ostype: win10
scsihw: virtio-scsi-single
smbios1: uuid=10e81047-3e0b-43af-ae12-bcd490754eee
sockets: 1
tags: windows
virtio0: SSD-Pool01:vm-102-disk-2,discard=on,iothread=1,size=64G
vmgenid: f5e5c437-ad2e-4cd6-b5ee-bf21a2bff51b

As you can see, the only Difference is, that I changed the Network Adapter from e1000 to VirtIO...
Here some Screenshots of the Network Traffic in the Proxmox Webgui as well:
1720002984374.png
The Traffic always drops, as soon as I change from VirtIO to e1000!


If you need any more Info from me, please tell me!

Thank you for reading.
 
Last edited:
How does the traffic that arrives at the VM look like? Can you provide an example TCP Dump from within the VM where traffic is visible that shouldn't be visible?

You can do this from inside a Linux VM:

Code:
tcpdump -i any -w output.pcap

Alternatively you can tcpdump on the tap interfaces on the host:

Code:
tcpdump -i tap<vmid>i<index> -w output.pcap
 
Last edited:
How does the traffic that arrives at the VM look like? Can you provide an example TCP Dump from within the VM where traffic is visible that shouldn't be visible?

You can do this from inside a Linux VM:

Code:
tcpdump -i any -w output.pcap

Alternatively you can tcpdump on the tap interfaces on the host:

Code:
tcpdump -i tap<vmid>i<index> -w output.pcap
Thank you for the Reply!

I actually already did a TCP-Dump on a Windows Machine via Wireshark.
The offending Traffic should be the following:
Code:
1308    0.407346    172.17.100.34    172.17.100.33    PGSQL    89    >Q
1309    0.407607    172.17.100.33    172.17.100.34    PGSQL    122    <T/C/Z
1310    0.407799    PUBLIC-IP_HERE    172.16.3.12    UDP    224    57679 → 10666 Len=182
1311    0.407997    172.17.100.34    172.17.100.33    PGSQL    80    >Q
1312    0.408210    172.17.100.33    172.17.100.34    PGSQL    90    <C/Z
1313    0.408484    PUBLIC-IP_HERE    192.168.4.33    TCP    60    51460 → 5090 [PSH, ACK] Seq=5 Ack=1 Win=515 Len=4
1314    0.408517    172.17.100.34    172.17.100.33    PGSQL    236    >P/B/D/E/S
1315    0.409028    172.17.100.33    172.17.100.34    PGSQL    107    <1/2/n/C/Z
1316    0.409493    172.17.100.34    172.17.100.33    PGSQL    89    >Q
1317    0.409814    172.17.100.33    172.17.100.34    PGSQL    120    <T/C/Z
1318    0.410158    172.17.100.34    172.17.100.33    PGSQL    80    >Q
1319    0.410442    172.17.100.33    172.17.100.34    PGSQL    90    <C/Z
1320    0.410763    172.17.100.34    172.17.100.33    PGSQL    238    >P/B/D/E/S
1321    0.410893    PUBLIC-IP_HERE    172.16.9.5    UDP    214    32516 → 9864 Len=172
1322    0.411148    172.17.100.33    172.17.100.34    PGSQL    107    <1/2/n/C/Z
1323    0.411448    172.17.100.34    172.17.100.33    PGSQL    89    >Q
1324    0.411749    172.17.100.33    172.17.100.34    PGSQL    122    <T/C/Z
1325    0.411776    192.168.6.88    192.168.6.16    TLSv1.2    97    Application Data
1326    0.411812    192.168.6.16    192.168.6.88    TCP    54    3389 → 42347 [ACK] Seq=1 Ack=130 Win=63025 Len=0
1327    0.412152    172.17.100.34    172.17.100.33    PGSQL    80    >Q
1328    0.412430    172.17.100.33    172.17.100.34    PGSQL    90    <C/Z
1329    0.412871    172.17.100.34    172.17.100.33    PGSQL    236    >P/B/D/E/S
1330    0.413292    172.17.100.33    172.17.100.34    PGSQL    107    <1/2/n/C/Z
1331    0.413639    PUBLIC-IP_HERE    172.16.3.43    UDP    238    53094 → 5090 Len=196
1332    0.413652    172.17.100.34    172.17.100.33    PGSQL    89    >Q
1333    0.413807    172.17.100.33    172.17.100.34    PGSQL    120    <T/C/Z
1334    0.414148    172.17.100.34    172.17.100.33    PGSQL    80    >Q
1335    0.414365    172.17.100.33    172.17.100.34    PGSQL    90    <C/Z
1336    0.414716    172.17.100.34    172.17.100.33    PGSQL    238    >P/B/D/E/S
1337    0.415067    172.17.100.33    172.17.100.34    PGSQL    107    <1/2/n/C/Z
1338    0.415444    172.17.100.34    172.17.100.33    PGSQL    89    >Q
1339    0.415714    172.17.100.33    172.17.100.34    PGSQL    122    <T/C/Z
1340    0.416071    172.17.100.34    172.17.100.33    PGSQL    80    >Q
1341    0.416357    172.17.100.33    172.17.100.34    PGSQL    90    <C/Z
1342    0.416741    172.17.100.34    172.17.100.33    PGSQL    236    >P/B/D/E/S
1343    0.416837    192.168.6.16    192.168.6.88    RDPUDP    1279    CORRELATIONID,AOA
1344    0.416885    192.168.6.16    192.168.6.88    RDPUDP    1279    CORRELATIONID,AOA
1345    0.416901    192.168.6.16    192.168.6.88    RDPUDP    1279    CORRELATIONID,AOA
1346    0.416933    192.168.6.16    192.168.6.88    RDPUDP    706    CORRELATIONID,AOA
1347    0.417120    172.17.100.33    172.17.100.34    PGSQL    107    <1/2/n/C/Z
1348    0.417424    172.17.100.34    172.17.100.33    PGSQL    89    >Q
1349    0.417661    172.17.100.33    172.17.100.34    PGSQL    120    <T/C/Z
1350    0.418005    172.17.100.34    172.17.100.33    PGSQL    80    >Q
1351    0.418279    172.17.100.33    172.17.100.34    PGSQL    90    <C/Z
1352    0.418710    172.17.100.34    172.17.100.33    PGSQL    238    >P/B/D/E/S
1353    0.418904    PUBLIC-IP_HERE    172.16.3.6    UDP    214    35802 → 9484 Len=172
1354    0.418974    192.168.6.16    192.168.6.88    RDPUDP    1279    CORRELATIONID,AOA
1355    0.419017    192.168.6.16    192.168.6.88    RDPUDP    1279    CORRELATIONID,AOA
1356    0.419045    192.168.6.16    192.168.6.88    RDPUDP    1279    CORRELATIONID,AOA
1357    0.419083    172.17.100.33    172.17.100.34    PGSQL    107    <1/2/n/C/Z
1358    0.419092    192.168.6.16    192.168.6.88    RDPUDP    1279    CORRELATIONID,AOA
1359    0.419108    192.168.6.16    192.168.6.88    RDPUDP    220    CORRELATIONID,AOA
1360    0.419480    172.17.100.34    172.17.100.33    PGSQL    89    >Q
1361    0.419759    172.17.100.33    172.17.100.34    PGSQL    122    <T/C/Z
1362    0.420270    172.17.100.34    172.17.100.33    PGSQL    80    >Q
1363    0.420469    172.17.100.33    172.17.100.34    PGSQL    90    <C/Z
1364    0.420893    172.17.100.34    172.17.100.33    PGSQL    236    >P/B/D/E/S
1365    0.421172    172.17.100.33    172.17.100.34    PGSQL    107    <1/2/n/C/Z
1366    0.421521    172.17.100.34    172.17.100.33    PGSQL    89    >Q
1367    0.421827    172.17.100.33    172.17.100.34    PGSQL    120    <T/C/Z
1368    0.422111    PUBLIC-IP_HERE    172.16.3.12    UDP    214    19494 → 10016 Len=172
1369    0.422461    172.17.100.34    172.17.100.33    PGSQL    80    >Q
1370    0.422736    172.17.100.33    172.17.100.34    PGSQL    90    <C/Z
1371    0.423024    PUBLIC-IP_HERE    172.16.9.5    UDP    214    32516 → 9864 Len=172
1372    0.423208    172.17.100.34    172.17.100.33    PGSQL    238    >P/B/D/E/S
1373    0.423392    192.168.6.88    192.168.6.16    RDPUDP    119    AOA
1374    0.423664    172.17.100.33    172.17.100.34    PGSQL    107    <1/2/n/C/Z
1375    0.424219    172.17.100.34    172.17.100.33    PGSQL    89    >Q
1376    0.424523    172.17.100.33    172.17.100.34    PGSQL    122    <T/C/Z
1377    0.425052    172.17.100.34    172.17.100.33    PGSQL    80    >Q
1378    0.425342    172.17.100.33    172.17.100.34    PGSQL    90    <C/Z
1379    0.425495    192.168.6.88    192.168.6.16    TLSv1.2    97    Application Data
1380    0.425809    172.17.100.34    172.17.100.33    PGSQL    236    >P/B/D/E/S
1381    0.426373    172.17.100.33    172.17.100.34    PGSQL    107    <1/2/n/C/Z
1382    0.426883    172.17.100.34    172.17.100.33    PGSQL    89    >Q
1383    0.427137    172.17.100.33    172.17.100.34    PGSQL    120    <T/C/Z
1384    0.427482    172.17.100.34    172.17.100.33    PGSQL    80    >Q
1385    0.427726    172.17.100.33    172.17.100.34    PGSQL    90    <C/Z
1386    0.428221    172.17.100.34    172.17.100.33    PGSQL    238    >P/B/D/E/S
1387    0.428533    172.17.100.33    172.17.100.34    PGSQL    107    <1/2/n/C/Z
1388    0.429032    172.17.100.34    172.17.100.33    PGSQL    89    >Q
1389    0.429325    172.17.100.33    172.17.100.34    PGSQL    122    <T/C/Z
1390    0.429629    172.17.100.34    172.17.100.33    PGSQL    80    >Q
1391    0.429850    172.17.100.33    172.17.100.34    PGSQL    90    <C/Z
1392    0.430185    172.17.100.34    172.17.100.33    PGSQL    236    >P/B/D/E/S
1393    0.430626    172.17.100.33    172.17.100.34    PGSQL    107    <1/2/n/C/Z
1394    0.430943    172.17.100.34    172.17.100.33    PGSQL    89    >Q
1395    0.431402    172.17.100.33    172.17.100.34    PGSQL    120    <T/C/Z
1396    0.431502    192.168.6.88    192.168.6.16    RDPUDP    106    CORRELATIONID
1397    0.432035    172.17.100.34    172.17.100.33    PGSQL    80    >Q
1398    0.432348    172.17.100.33    172.17.100.34    PGSQL    90    <C/Z
1399    0.432912    172.17.100.34    172.17.100.33    PGSQL    238    >P/B/D/E/S
1400    0.433445    172.17.100.33    172.17.100.34    PGSQL    107    <1/2/n/C/Z
1401    0.433895    172.17.100.34    172.17.100.33    PGSQL    89    >Q
1402    0.434160    172.17.100.33    172.17.100.34    PGSQL    122    <T/C/Z
1403    0.434633    172.17.100.34    172.17.100.33    PGSQL    80    >Q
1404    0.434859    172.17.100.33    172.17.100.34    PGSQL    90    <C/Z
1405    0.434948    PUBLIC-IP_HERE    172.16.3.43    UDP    238    53094 → 5090 Len=196
1406    0.435343    172.17.100.34    172.17.100.33    PGSQL    236    >P/B/D/E/S
1407    0.435683    172.17.100.33    172.17.100.34    PGSQL    107    <1/2/n/C/Z
1408    0.436120    172.17.100.34    172.17.100.33    PGSQL    89    >Q
1409    0.436492    172.17.100.33    172.17.100.34    PGSQL    120    <T/C/Z
1410    0.436953    172.17.100.34    172.17.100.33    PGSQL    80    >Q
1411    0.437199    172.17.100.33    172.17.100.34    PGSQL    90    <C/Z
1412    0.437550    192.168.6.88    192.168.6.16    TLSv1.2    97    Application Data
1413    0.437578    192.168.6.16    192.168.6.88    TCP    54    3389 → 42347 [ACK] Seq=1 Ack=216 Win=62939 Len=0
1414    0.437691    172.17.100.34    172.17.100.33    PGSQL    238    >P/B/D/E/S
1415    0.437971    172.17.100.33    172.17.100.34    PGSQL    107    <1/2/n/C/Z
1416    0.438438    172.17.100.34    172.17.100.33    PGSQL    89    >Q
1417    0.438715    PUBLIC-IP_HERE    172.16.3.6    UDP    214    35802 → 9484 Len=172
1418    0.438739    172.17.100.33    172.17.100.34    PGSQL    122    <T/C/Z
1419    0.439206    172.17.100.34    172.17.100.33    PGSQL    80    >Q
1420    0.439411    172.17.100.33    172.17.100.34    PGSQL    90    <C/Z
1421    0.439747    172.17.100.34    172.17.100.33    PGSQL    236    >P/B/D/E/S
1422    0.440066    172.17.100.33    172.17.100.34    PGSQL    107    <1/2/n/C/Z
The VMs are getting absolutely spammed with SQL Traffic that should be between 2 VMs, which are also in a different Subnet...
I looked into the Network Settings of the Offending VMs, but I did not spot anything unusual.
The Log continues for thousands of lines with basically the same Content.

My PC on which I connected to the Windows VM via RDP: 192.168.6.88/24
VM that recorded the Traffic: 192.168.6.16/24 (Windows with VirtIO Network)
Offending VMs: 172.17.100.34/24 and 172.17.100.33/24 (Linux with VirtIO Network)
 
Last edited:
Would it be possible to get the full pcap file?
What would also be interesting would be the configuration of all 3 involved VMs, as well as the fdb of the bridge:

Code:
bridge fdb show <vmbr>

Also, the arp table of the involved hosts:
Code:
ip neigh show # linux
arp -a # windows
 
Last edited:
Would it be possible to get the full pcap file?
What would also be interesting would be the configuration of all 3 involved VMs, as well as the fdb of the bridge:

Code:
bridge fdb show <vmbr>

Also, the arp table of the involved hosts:
Code:
ip neigh show # linux
arp -a # windows
The File is way too big, I captured a lot, this was just a tiny snippet.
If it is strictly needed, I can run another Capture.

bridge fdb show vmbr100:
Code:
8c:16:45:9e:48:3b dev bond100 vlan 300 master vmbr100 
d6:6c:da:c0:3a:e9 dev bond100 vlan 6 master vmbr100 
c2:67:27:eb:cb:a2 dev bond100 vlan 4 master vmbr100 
08:94:ef:04:10:8d dev bond100 vlan 1 master vmbr100 
ac:16:2d:70:03:99 dev bond100 vlan 800 master vmbr100 
28:80:23:9c:d0:46 dev bond100 vlan 3 master vmbr100 
08:94:ef:03:8e:d2 dev bond100 vlan 4 master vmbr100 
bc:24:11:36:7a:3b dev bond100 vlan 1 master vmbr100 
00:30:56:a6:9c:61 dev bond100 vlan 90 master vmbr100 
56:36:44:a1:e7:c5 dev bond100 vlan 3 master vmbr100 
d8:9d:67:20:1e:f4 dev bond100 vlan 900 master vmbr100 
a0:36:bc:cb:e0:ca dev bond100 vlan 4 master vmbr100 
a0:d3:c1:ff:1a:2c dev bond100 vlan 900 master vmbr100 
a0:d3:c1:ff:01:04 dev bond100 vlan 900 master vmbr100 
d0:67:e5:e5:fc:d4 dev bond100 vlan 800 master vmbr100 
3a:47:41:36:6c:48 dev bond100 vlan 150 master vmbr100 
ce:66:81:d8:7c:d0 dev bond100 vlan 150 master vmbr100 
20:0c:c8:4e:2d:4a dev bond100 vlan 1 master vmbr100 
72:d8:c0:5a:ea:d9 dev bond100 vlan 9 master vmbr100 
da:9e:df:7c:0b:15 dev bond100 vlan 300 master vmbr100 
08:94:ef:03:8e:d5 dev bond100 vlan 1 master vmbr100 
ae:ff:57:03:7d:ce dev bond100 vlan 150 master vmbr100 
2e:41:fb:9c:80:d1 dev bond100 vlan 12 master vmbr100 
08:94:ef:03:8e:d2 dev bond100 vlan 12 master vmbr100 
08:94:ef:03:8e:d2 dev bond100 vlan 1 master vmbr100 
0e:7e:b4:97:e7:e0 dev bond100 vlan 1 master vmbr100 
f0:f6:c1:09:eb:f0 dev bond100 vlan 1 master vmbr100 
ac:16:2d:84:6e:61 dev bond100 vlan 800 master vmbr100 
82:c0:01:1a:7e:ec dev bond100 vlan 300 master vmbr100 
f0:2f:74:d5:ae:8d dev bond100 vlan 150 master vmbr100 
5a:ba:90:d6:a3:f7 dev bond100 vlan 9 master vmbr100 
d6:7c:c7:1d:82:f8 dev bond100 vlan 1 master vmbr100 
4e:2a:b8:3d:f9:95 dev bond100 vlan 900 master vmbr100 
8e:03:d8:4b:17:38 dev bond100 vlan 50 master vmbr100 
0a:ad:a2:bc:1d:3d dev bond100 vlan 7 master vmbr100 
a0:36:bc:cb:e0:ca dev bond100 vlan 1 master vmbr100 
a0:36:bc:cb:e0:ca dev bond100 vlan 3 master vmbr100 
6a:cd:8e:7c:5c:44 dev bond100 vlan 6 master vmbr100 
3e:00:e6:75:09:ca dev bond100 vlan 9 master vmbr100 
c6:23:e8:2b:b5:92 dev bond100 vlan 9 master vmbr100 
ac:16:2d:70:03:9a dev bond100 vlan 7 master vmbr100 
ac:16:2d:70:03:9a dev bond100 vlan 3 master vmbr100 
08:94:ef:40:48:92 dev bond100 vlan 1 master vmbr100 
8e:78:41:09:35:4d dev bond100 vlan 5 master vmbr100 
38:ca:84:cd:d7:4a dev bond100 vlan 1 master vmbr100 
4e:ec:1a:d1:2b:7a dev bond100 vlan 2 master vmbr100 
08:94:ef:40:48:92 dev bond100 vlan 7 master vmbr100 
ac:16:2d:70:03:9a dev bond100 vlan 150 master vmbr100 
4a:7e:d1:4e:6d:01 dev bond100 vlan 5 master vmbr100 
b8:e9:37:7b:f0:66 dev bond100 vlan 1 master vmbr100 
52:8f:60:9e:77:3d dev bond100 vlan 150 master vmbr100 
08:94:ef:63:ee:98 dev bond100 vlan 3 master vmbr100 
66:58:c6:18:b6:d2 dev bond100 vlan 1 master vmbr100 
ce:39:a8:0a:ab:29 dev bond100 vlan 90 master vmbr100 
08:94:ef:04:10:8a dev bond100 vlan 150 master vmbr100 
7e:77:30:db:dc:47 dev bond100 vlan 3 master vmbr100 
3c:8c:f8:a3:87:b6 dev bond100 vlan 1 master vmbr100 
08:94:ef:40:48:92 dev bond100 vlan 50 master vmbr100 
0e:52:a7:84:d8:aa dev bond100 vlan 3 master vmbr100 
5e:95:b7:d1:78:53 dev bond100 vlan 4 master vmbr100 
e2:bb:55:d3:27:0d dev bond100 vlan 1 master vmbr100 
08:94:ef:63:ee:98 dev bond100 vlan 6 master vmbr100 
3e:8d:4b:1e:d5:9b dev bond100 vlan 7 master vmbr100 
a0:d3:c1:ff:1a:74 dev bond100 vlan 150 master vmbr100 
62:25:3f:8f:ff:16 dev bond100 vlan 150 master vmbr100 
28:80:23:9c:d0:46 dev bond100 vlan 7 master vmbr100 
9c:eb:e8:82:d1:24 dev bond100 vlan 1 master vmbr100 
02:8c:b2:e2:59:f0 dev bond100 vlan 300 master vmbr100 
10:7c:61:53:a2:e3 dev bond100 vlan 1 master vmbr100 
10:7c:61:53:a2:e4 dev bond100 vlan 1 master vmbr100 
08:94:ef:63:ee:98 dev bond100 vlan 4 master vmbr100 
5e:8a:7d:4a:9e:c3 dev bond100 vlan 12 master vmbr100 
c0:25:a5:f3:7b:06 dev bond100 vlan 1 master vmbr100 
74:4c:a1:d0:22:4b dev bond100 vlan 1 master vmbr100 
c0:25:a5:4f:31:c4 dev bond100 vlan 1 master vmbr100 
e6:3c:5b:81:f7:9a dev bond100 vlan 12 master vmbr100 
1e:fb:a1:65:0a:1a dev bond100 vlan 1 master vmbr100 
9c:eb:e8:fa:ad:ac dev bond100 vlan 1 master vmbr100 
c8:89:f3:b3:6f:17 dev bond100 vlan 1 master vmbr100 
8e:03:d8:4b:17:38 dev bond100 vlan 3 master vmbr100 
08:94:ef:40:48:92 dev bond100 vlan 12 master vmbr100 
2e:12:a2:e9:13:b6 dev bond100 vlan 150 master vmbr100 
a0:36:bc:cb:57:3d dev bond100 vlan 1 master vmbr100 
10:7c:61:53:a2:40 dev bond100 vlan 1 master vmbr100 
a0:36:bc:cb:57:3e dev bond100 vlan 1 master vmbr100 
10:7c:61:53:a2:3f dev bond100 vlan 1 master vmbr100 
ac:16:2d:84:6e:62 dev bond100 vlan 2 master vmbr100 
08:94:ef:04:10:8a dev bond100 vlan 9 master vmbr100 
4c:b9:ea:06:ba:95 dev bond100 vlan 1 master vmbr100 
58:bf:25:22:69:ec dev bond100 vlan 1 master vmbr100 
ac:16:2d:70:03:9a dev bond100 vlan 9 master vmbr100 
a0:36:bc:cb:e0:ca dev bond100 vlan 9 master vmbr100 
34:7e:5c:fd:93:38 dev bond100 vlan 1 master vmbr100 
34:7e:5c:fd:94:0c dev bond100 vlan 1 master vmbr100 
d0:67:e5:f2:1a:87 dev bond100 vlan 9 master vmbr100 
ac:16:2d:84:6e:62 dev bond100 vlan 50 master vmbr100 
ac:16:2d:84:6e:62 dev bond100 vlan 3 master vmbr100 
70:a7:41:de:e5:ab dev bond100 vlan 1 master vmbr100 
e6:40:24:02:3d:af dev bond100 vlan 1 master vmbr100 
08:94:ef:03:8e:d2 dev bond100 vlan 150 master vmbr100 
e6:c8:f4:b5:e3:5b dev bond100 vlan 150 master vmbr100 
42:68:3c:81:71:e2 dev bond100 vlan 1 master vmbr100 
08:94:ef:40:48:92 dev bond100 vlan 150 master vmbr100 
08:94:ef:40:48:92 dev bond100 vlan 20 master vmbr100 
12:c8:55:8d:83:74 dev bond100 vlan 5 master vmbr100 
a0:36:bc:cb:e0:ca dev bond100 vlan 5 master vmbr100 
4c:eb:d6:5b:f2:d4 dev bond100 vlan 1 master vmbr100 
32:89:3d:b6:3c:32 dev bond100 vlan 50 master vmbr100 
46:d3:c9:2e:e2:f1 dev bond100 vlan 301 master vmbr100 
3e:2b:a4:65:cd:95 dev bond100 vlan 300 master vmbr100 
3c:ec:ef:90:a3:51 dev bond100 vlan 20 master vmbr100 
f0:f6:c1:5a:30:36 dev bond100 vlan 1 master vmbr100 
08:94:ef:63:ee:98 dev bond100 vlan 1 master vmbr100 
5a:a7:73:08:89:2f dev bond100 vlan 150 master vmbr100 
4a:39:07:b1:dc:bf dev bond100 vlan 4 master vmbr100 
0e:6b:9e:c2:f2:60 dev bond100 vlan 1 master vmbr100 
84:25:3f:c2:5c:80 dev bond100 vlan 1 master vmbr100 
00:c0:3d:0a:2a:7b dev bond100 vlan 20 master vmbr100 
92:a7:f3:e3:72:bd dev bond100 vlan 5 master vmbr100 
1c:ca:e3:7a:60:ee dev bond100 vlan 1 master vmbr100 
ea:31:77:20:9f:59 dev bond100 vlan 1 master vmbr100 
74:42:7f:a6:28:7e dev bond100 vlan 90 master vmbr100 
24:5a:4c:16:a2:3a dev bond100 vlan 1 master vmbr100 
a0:36:bc:cb:e0:cc dev bond100 vlan 1 master vmbr100 
a0:36:bc:cb:e0:cb dev bond100 vlan 1 master vmbr100 
b2:a3:47:73:ff:62 dev bond100 vlan 20 master vmbr100 
8e:8c:46:77:db:16 dev bond100 vlan 150 master vmbr100 
d0:67:e5:f2:1a:8b dev bond100 vlan 1 master vmbr100 
d0:21:f9:ce:7a:4e dev bond100 vlan 1 master vmbr100 
ac:8b:a9:67:bf:fc dev bond100 vlan 1 master vmbr100 
68:d7:9a:d9:cc:d3 dev bond100 vlan 1 master vmbr100 
70:a7:41:de:e3:e2 dev bond100 vlan 1 master vmbr100 
70:a7:41:de:e5:aa dev bond100 vlan 1 master vmbr100 
c6:50:cf:5d:b2:a8 dev bond100 vlan 1 master vmbr100 
50:65:f3:60:d4:56 dev bond100 vlan 1 master vmbr100 
e0:63:da:b6:01:6b dev bond100 vlan 1 master vmbr100 
a0:b3:cc:ed:63:bc dev bond100 vlan 1 master vmbr100 
b0:ec:dd:cb:d9:6c dev bond100 vlan 90 master vmbr100 
d0:67:e5:e5:fc:d2 dev bond100 vlan 4094 master vmbr100 permanent
..............................................................
d0:67:e5:e5:fc:d2 dev bond100 vlan 1 master vmbr100 permanent
d0:67:e5:e5:fc:d2 dev bond100 master vmbr100 permanent
33:33:00:00:00:01 dev bond100 self permanent
01:00:5e:00:00:01 dev bond100 self permanent
33:33:00:00:00:01 dev vmbr100 self permanent
33:33:00:00:00:02 dev vmbr100 self permanent
01:00:5e:00:00:6a dev vmbr100 self permanent
33:33:00:00:00:6a dev vmbr100 self permanent
01:00:5e:00:00:01 dev vmbr100 self permanent
33:33:ff:e5:fc:d2 dev vmbr100 self permanent
01:80:c2:00:00:21 dev vmbr100 self permanent
33:33:ff:00:00:00 dev vmbr100 self permanent
ce:41:73:41:25:93 dev tap227i0 vlan 150 master vmbr100 permanent
ce:41:73:41:25:93 dev tap227i0 master vmbr100 permanent
02:92:c7:9f:a2:58 dev tap225i0 vlan 150 master vmbr100 
de:61:de:58:ee:95 dev tap225i0 vlan 150 master vmbr100 permanent
de:61:de:58:ee:95 dev tap225i0 master vmbr100 permanent
fe:79:65:dc:21:4c dev tap461i0 vlan 150 master vmbr100 
1e:33:94:a4:fd:d4 dev tap461i0 vlan 150 master vmbr100 permanent
1e:33:94:a4:fd:d4 dev tap461i0 master vmbr100 permanent
12:04:a5:f3:3e:1b dev tap436i0 vlan 150 master vmbr100 
6e:20:25:56:38:1b dev tap436i0 vlan 150 master vmbr100 permanent
6e:20:25:56:38:1b dev tap436i0 master vmbr100 permanent
12:1e:67:b3:32:db dev tap229i0 vlan 150 master vmbr100 
96:8d:3c:b9:13:f6 dev tap229i0 vlan 150 master vmbr100 permanent
96:8d:3c:b9:13:f6 dev tap229i0 master vmbr100 permanent
f6:28:a0:41:56:f1 dev tap228i0 vlan 150 master vmbr100 
ae:ad:6f:39:43:1b dev tap228i0 vlan 150 master vmbr100 permanent
ae:ad:6f:39:43:1b dev tap228i0 master vmbr100 permanent

ip neigh show:
.33
Code:
172.17.100.30 dev ens18 lladdr 52:8f:60:9e:77:3d STALE
172.17.100.1 dev ens18 lladdr e6:c8:f4:b5:e3:5b REACHABLE
172.17.100.31 dev ens18 lladdr 56:a2:45:4e:9a:b2 REACHABLE
172.17.100.34 dev ens18 lladdr 12:1e:67:b3:32:db REACHABLE
.34
Code:
172.17.100.1 dev ens18 lladdr e6:c8:f4:b5:e3:5b REACHABLE
172.17.100.33 dev ens18 lladdr f6:28:a0:41:56:f1 REACHABLE

arp -a:
Code:
Schnittstelle: 192.168.6.16 --- 0xc
  Internetadresse       Physische Adresse     Typ
  192.168.6.1           1e-fb-a1-65-0a-1a     dynamisch
  192.168.6.15          0e-6b-9e-c2-f2-60     dynamisch
  192.168.6.83          c0-25-a5-4f-31-c4     dynamisch
  192.168.6.88          c0-25-a5-f3-7b-06     dynamisch
  192.168.6.100         fa-38-4a-2d-b7-01     dynamisch
  192.168.6.255         ff-ff-ff-ff-ff-ff     statisch
  224.0.0.22            01-00-5e-00-00-16     statisch
  224.0.0.251           01-00-5e-00-00-fb     statisch
  224.0.0.252           01-00-5e-00-00-fc     statisch
  239.255.255.250       01-00-5e-7f-ff-fa     statisch
 
The File is way too big, I captured a lot, this was just a tiny snippet.
If it is strictly needed, I can run another Capture.
Yes, please - it would be interesting to see the ethernet frames of the packets in particular.
Could you also provide the respective VM configurations?
 
Yes, please - it would be interesting to see the ethernet frames of the packets in particular.
Could you also provide the respective VM configurations?
VM-Configs:
228
Code:
agent: 1
boot: order=virtio0;ide2;net0
cores: 16
ide2: none,media=cdrom
memory: 16384
meta: creation-qemu=7.1.0,ctime=1679567141
name: MainSRV
net0: virtio=F6:28:A0:41:56:F1,bridge=vmbr100,tag=150
numa: 0
onboot: 1
ostype: l26
scsihw: virtio-scsi-single
smbios1: uuid=41abea00-982f-4292-8550-eda4fccca627
sockets: 1
tags: alma
virtio0: SSD-Pool01:vm-228-disk-0,discard=on,iothread=1,size=1000G
vmgenid: 493592cd-114b-4a25-90a9-e839ba8b6640
229
Code:
gent: 1
boot: order=virtio0;ide2;net0
cores: 16
ide2: none,media=cdrom
memory: 16384
meta: creation-qemu=7.1.0,ctime=1679572778
name: RateSRV
net0: virtio=12:1E:67:B3:32:DB,bridge=vmbr100,tag=150
numa: 0
onboot: 1
ostype: l26
scsihw: virtio-scsi-single
smbios1: uuid=15e0ca17-e7e4-4be4-85ed-5a59e63b5779
sockets: 1
tags: alma
virtio0: SSD-Pool01:vm-229-disk-0,discard=on,iothread=1,size=1000G
vmgenid: 708ffa2f-8c90-4b41-96f3-18025376cb5b
6998 (Windows 10 VM)
Code:
agent: 1
boot: order=ide0;ide2;virtio0
cores: 8
ide0: none,media=cdrom
ide2: none,media=cdrom
machine: pc-i440fx-7.2
memory: 16384
meta: creation-qemu=7.2.0,ctime=1699948541
name: TS-Win10
net0: virtio=42:68:3C:81:71:E2,bridge=vmbr100,firewall=1
numa: 0
ostype: win10
scsihw: virtio-scsi-single
smbios1: uuid=c6e33982-7afd-4582-b921-5cd40cf9164b
sockets: 1
tags: windows
virtio0: local-zfs:vm-6998-disk-0,cache=writeback,discard=on,iothread=1,size=128G
vmgenid: 104ba9c1-5481-492f-b1f9-2dce2365d414

For the Packet Capture, I will try to post it next Week, sorry for not being able to do so right now...
 
Did you ever solved this? We have a comparable issue here.... GuestVMs in same VLAN see traffic from each other and even saturate 10GBit Network when Backups are running between 2 specific hosts....
 
Did you ever solved this? We have a comparable issue here.... GuestVMs in same VLAN see traffic from each other and even saturate 10GBit Network when Backups are running between 2 specific hosts....
Sadly not, it seems to have lessened with recent Updates, but the Issue still seems to be present, just to a lesser extent.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!