[SOLVED] XP VM can not talk to the LAN

C

cosmos

Renowned Member
Apr 1, 2013
125
4
83
This is driving me crazy. I have installed a new PVE installation (4.something). Simple stuff: single pve node (no cluster, nothing advanced) with a single XP VM. Details

  • Host has a single eth0 network adapter.
  • Host has as a single vmbr0 interface
  • Host does not communicate with the internet at all
  • the node has address X.Y.Z.199/24
  • guest was configured in pve with a virtio card, in bridged mode on vmbr0
  • the single XP guest has address X.Y.Z.200/24. Controller used is virtio, but I have also tried rtl8139
  • there are 10 Windows XP real machines on the LAN, with addresses X.Y.Z.201-210/24
  • Firewalling is not enabled at all
  • the PVE host (.199) communicates just fine with the guest (.200)
  • The guest can also see and ping PVE
  • All PCs on the LAN communicate just fine with PVE
The problem is that I can not make the guest talk to the LAN clients! I am not an expert on pve, however I believe that tap100i0 corresponds to the bridged interface of the XP client.

Using tcpdump on either vmbr0 or tap100i0 I can see that:
  • when pinging the guest from client say .201, ARP requests are clearly found on the interface and replies are sent as well. This happens more than one time, so it seems that for some reason the ARP replies never reach the .201 client. Running arp -a on the windows system confirms this, no entries for .200 are found
  • When trying to ping from the guest, things are bit different. This time I can see the ICMP echo requests towards .201, but no echo replies come back!

Next thing I have tried is to use static ARP. So I configured ARP for .201 on .200 and vice versa. Now, tcpdump produces different things:
  • When pinging the guest from .201, I can see both ICMP echo requests AND the echo replies! But (crazzyyyy) on the cmd console of .201 I do not receive any success reply messages! It seems as though the ICMP echo response packets never reach .201
  • On the other way, when pinging from .200, I only see the ICMP echo requests flying through. No ICMP response packets at all.
This is a toughie for me. I will happily accept any hint you might have here, I'm running out of ideas :(
 
is the mac adress of the VM unique in your LAN ?
 
Sorry for delaying to get back to you.

I had a hunch that something in the middle was killing traffic. Since this murder of sorts was assymetric, ie more traffic in the direction from VM to lan seemed to have a problem, I thought that I had to check the lan switch.

Specifically, there was a Cisco catalyst 500, with all ports set to "desktop" operation. That is, no more than 1 mac can communicate per port! I changed the smartport setting to "other" and everything worked just fine!

Lost 5 hours, at least it worked. Thanks for all the responses too. Consider this solved.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back