Public addresses on Proxmox through the bridge, why it can fly out through the defined. time?

A

akelsey2020-03-25 13:56:25

linux

akelsey, 2020-03-25 13:56:25

Need community help, configured ProxMox on Debian 10, bought about 20 public addresses, all of them were bound to eth0 by default, below is how it was configured by default, I give an example with 1 address:

# The loopback network interface

auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
auto eth0
iface eth0 inet static
        address xx.yyy.162.143/23
        gateway xx.yyy.162.1
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers 1.1.1.1
        dns-search mydomain.com
        
auto eth0:1
allow-hotplug eth0:1
iface eth0:1 inet static
  address xx.yyy.163.84
  netmask 255.255.255.255

After that, I reconfigured it in this way (the number of bridges is equal to the number of public addresses, in the example, again, only one):

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
auto eth0
iface eth0 inet static
        address xx.yyy.162.143/23
        gateway xx.yyy.162.1
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers 1.1.1.1
        dns-search mydomain.com

auto vmbr1084
iface vmbr1084  inet static
 address xx.yyy.162.143
 netmask 255.255.254.0
 bridge-ports none
 bridge-stp off
 bridge-fd 0
 bridge_maxwait 0
 up ip route add xx.yyy.163.84/32 dev vmbr1084
 down ip route delete xx.yyy.163.84/32 dev vmbr1084
#Ext-84 [xx.yyy.163.84]

Inside the virtual machine, it is configured like this, in the Windows Server example (using a point-to-point link):

IP: xx.yyy.163.84
NET: 255.255.255.255
GW: xx.yyy.162.143

Everything works fine, but not for long, sometimes 1 hour, sometimes 4 hours, there are not a lot of logs, maybe I don’t know where to look, the configuration as a whole does not change.
Symptoms - everything just stops working, access is lost anywhere from inside the VM, outside too.
At the same time, I see arp request / arp reply from the inside, but there is an arp request from the host machine, but arp replay does not return, everything seems to be ok in the arp cache.
I don't even know which way to dig.
When resetting network interfaces, everything starts working again, but again a random amount of time.
I would be grateful for any advice.

uname -a
Linux myhostname 5.3.18-3-pve #1 SMP PVE 5.3.18-3 (Tue, 17 Mar 2020 16:33:19 +0100) x86_64 GNU/Linux

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

S

Sanes, 2020-03-25
@akelsey

On the host, you do not need to add additional. addresses if it is not host-routed. It is enough to configure on the guest.

F

fara_ib, 2020-03-25
@fara_ib

Maybe try adding another virtual machine for example with pfsense and use it as a gateway and safer and snort there is well, like protection from a hostile Internet and most importantly there is a multi van in my answers there was an instruction how to forward a specific white ip (out of several) to network behind nat well to other virtual machines.

P

Puma Thailand, 2020-03-26
@opium

Syslog look and dmesg