What are fwbrXYZi0 and fwlnXYZi0 and why are their MAC addresses being seen by Hetzner?

[Undergrid]

i All,

I have a proxmox 6.4-13 server running in a Hetzner datacenter with Bridged networking (redacted config below).

I currently have 5 VM's running and each VM has a MAC address (in the running OS) starting with 00:50:56. When I do an ifconfig on the host machine, each VM has an fwbrXYZi0 and fwnlXYZi0 entry (where XYZ is the VM ID) with a different and entirely random MAC address. They also have fwprXYZp0 and tapXYZi0 entries each of which has a different random MAC address.

When I reboot this machine, it appears the MAC addresses from at least the fwbr and fwnl entries leak out onto the network and Hetzner sends me an abuse email for using non-registered MAC addresses.

What are these interfaces for and does anyone know how I can stop the MAC addresses leaking out to Hetzner?

Thanks.

The Proxmox host is configured like this:

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

iface enp0s31f6 inet manual

auto vmbr0
iface vmbr0 inet static
        address  95.216.AAA.BBB
        netmask  255.255.255.192
        gateway  95.216.CCC.DDD
        bridge-ports enp0s31f6
        bridge-stp off
        bridge-fd 0

iface vmbr0 inet6 static
        address  2a01:4f9:EEEE:FFFF::2
        netmask  64
        gateway  fe80::1

auto vmbr1
iface vmbr1 inet static
        address  10.1.1.1
        netmask  255.255.0.0
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        bridge_maxwait 0

Each VM is configured similarly to:

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto ens18
iface ens18 inet static
        address 95.216.GGG.HHH
        netmask 255.255.255.192
        gateway 95.216.CCC.DDD

iface ens18 inet6 static
        address 2a01:4f9:EEEE:FFFF::22:68
        netmask 64
        gateway fe80::1

 

[spirit]

fwbr are the firewall bridges, when the firewall checkbox is enabled on a vm gui.

they are now "bugs" on proxmox 6.x (fixed in proxmox 7) with some packets sent with the wrong mac

if you don't use proxmox firewall, disable the firewall on vm nic, it should fix it.

if you use proxmox firewall:

- never use REJECT in rules, or default inbound rules on vms firewall
- add a rules in each vm "direction in - drop - tcp - port 43"
- add in "/etc/sysctl.d/pve.conf" : "net.ipv4.igmp_link_local_mcast_reports = 0" (and reboot)


more details here:
https://forum.proxmox.com/threads/proxmox-claiming-mac-address.52601

 

[Undergrid]

fwbr are the firewall bridges, when the firewall checkbox is enabled on a vm gui.

they are now "bugs" on proxmox 6.x (fixed in proxmox 7) with some packets sent with the wrong mac

if you don't use proxmox firewall, disable the firewall on vm nic, it should fix it.

if you use proxmox firewall:

- never use REJECT in rules, or default inbound rules on vms firewall
- add a rules in each vm "direction in - drop - tcp - port 43"
- add in "/etc/sysctl.d/pve.conf" : "net.ipv4.igmp_link_local_mcast_reports = 0" (and reboot)


more details here:
https://forum.proxmox.com/threads/proxmox-claiming-mac-address.52601

Hi Spirit,

Thanks for the response. I think the easiest thing will be to upgrade to proxmox 7 if that solves the problem.

Thanks.