Hello all,
I have configured my proxmox 7.0 host bridge to be vlan-aware. I can set up vms in different vlans and it works flawlessly, so long as the vms have only 1 NIC.
When I set up a VM to have 2 NICs, in 2 different VLANs, the vm become only reachable from its vlans, other vlan users get a timeout.
Eg:
1) VM has 1 NIC1 (eth1) in VLAN 1, with a corresponding IP - it is reachable from VLAN 1 and VLAN 80 on VLAN 1 IP.
2) add a 2nd NIC2 (eth2) to the VM, in VLAN 90 (with /32 public IP) - the vm is only reachable from VLAN 1 on VLAN 1 IP or internet on VLAN 90 IP. VLAN 80 users can no longer reach VLAN 1 IP.
3) in proxmox, move NIC1 to VLAN 80 (and keep NIC2 to VLAN 90) - only users on VLAN 80 can reach the vm on VLAN 80 IP, users on VLAN 1 get a timeout
What am I doing wrong in my setup?
[Edit: additional testing]
I made some additional tests, on a proxmox 6.4 host: inter-vlan communication works as expected.
I noticed a difference in the interfaces config file:
- on proxmox 6.4, the vlan-aware bridge has these settings, which are absent on proxmox 7.0:
- adding those settings to the proxmox 7.0 bridge interface messes up inter-vlan communication even more
I have configured my proxmox 7.0 host bridge to be vlan-aware. I can set up vms in different vlans and it works flawlessly, so long as the vms have only 1 NIC.
When I set up a VM to have 2 NICs, in 2 different VLANs, the vm become only reachable from its vlans, other vlan users get a timeout.
Eg:
1) VM has 1 NIC1 (eth1) in VLAN 1, with a corresponding IP - it is reachable from VLAN 1 and VLAN 80 on VLAN 1 IP.
2) add a 2nd NIC2 (eth2) to the VM, in VLAN 90 (with /32 public IP) - the vm is only reachable from VLAN 1 on VLAN 1 IP or internet on VLAN 90 IP. VLAN 80 users can no longer reach VLAN 1 IP.
3) in proxmox, move NIC1 to VLAN 80 (and keep NIC2 to VLAN 90) - only users on VLAN 80 can reach the vm on VLAN 80 IP, users on VLAN 1 get a timeout
What am I doing wrong in my setup?
[Edit: additional testing]
I made some additional tests, on a proxmox 6.4 host: inter-vlan communication works as expected.
I noticed a difference in the interfaces config file:
- on proxmox 6.4, the vlan-aware bridge has these settings, which are absent on proxmox 7.0:
Code:
bridge-vlan-aware yes
bridge-vids 2-4094
Last edited:
