vm's can't ping to each other on the bridge with vlan.

X

xux1217

Member
Sep 26, 2019
9
0
21
31
Hi,

I have a machine that run proxmox 6.3-3. This machine has 2 VM, A and B. A or B can ping to host and other VMs that outer this host, but can't ping to each other.

This machine's network has some special, the config is blow:

Code: 
auto lo
iface lo inet loopback

iface eno4 inet manual

iface enp131s0 inet manual

iface enp131s0d1 inet manual

auto eno1
iface eno1 inet manual

auto eno2
iface eno2 inet manual

iface eno3 inet manual

auto vmbr0
iface vmbr0 inet manual
        bridge-ports enp131s0
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094

auto vmbr0.2
iface vmbr0.2 inet static
        address 10.0.1.1/8
        gateway 10.0.0.1

I must use vlan 2, and the network of A and B is bridged to vmbr0.

I must use vlan 2 on the host, so I create a vmbr0.2 for host.

I use tcpdump to debug. I can find the ICMP packages in vmbr0, and has the correct vlan tag. And I always find these packages in vmbr0.2, and has no vlan tag. And then, I can't find these packages in tap2000i( the network device of A in host).
So I think maybe the bridge has wrong forwarding table, but I use `brctl showmacs ` to check, the port is right.

So, please help me...

The vm config of A is below, and the similar of B:
agent: 1,fstrim_cloned_disks=1,type=virtio bios: ovmf boot: c bootdisk: scsi0 cores: 24 cpu: host efidisk0: runtime_data:base-9002-disk-0/vm-2000-disk-0,size=1M ide2: runtime_data:vm-2000-cloudinit,media=cdrom,size=4M ipconfig0: ip=10.30.0.1/8,gw=10.0.0.1 machine: q35 memory: 8192 name: offline-dev0 net0: virtio=3A:5A:AF:A0:83:AE,bridge=vmbr0,tag=2 numa: 1 rng0: source=/dev/urandom scsi0: runtime_data:base-9002-disk-1/vm-2000-disk-2,cache=writeback,discard=on,iothread=1,size=20684M scsi1: runtime_data:base-9002-disk-2/vm-2000-disk-1,cache=writeback,discard=on,iothread=1,size=500G scsi2: /dev/sdi,backup=0,iothread=1,size=488386584K,ssd=1 scsihw: virtio-scsi-single serial0: socket smbios1: uuid=061704fa-911c-4a0f-8b7a-a74200e5bc6b sockets: 2
 
The config does not look wrong. Maybe an ICMP issue in this big broadcast domain? Can the two VMs communicate apart from ICMP? Do you have the firewall enabled in any of the two VMs?
 
I think the big broadcast domain is not problem, because other VM that not in the same server can communicate with each other.
I setting the track on raw table of iptables, no hit the network layer event, so it's purely link layer process.
I also check the ebtables, no config in it.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back