Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    TNSR in proxmox droping connectivity

    Scheduled Pinned Locked Moved
    TNSR
    2
    13
    1.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      Alan Jones @Derelict
      last edited by

      @derelict finally got back around to this. The following appears in /var/log/messages when the system stops forwarding traffic:

      Jan 14 17:14:38 router01 dhclient[1619]: DHCPREQUEST on vpp1 to 172.16.40.1 port 67 (xid=0x1a4d3f47)
Jan 14 17:14:43 router01 dhclient[1619]: DHCPREQUEST on vpp1 to 172.16.40.1 port 67 (xid=0x1a4d3f47)
Jan 14 17:14:50 router01 dhclient[1619]: DHCPREQUEST on vpp1 to 172.16.40.1 port 67 (xid=0x1a4d3f47)
Jan 14 17:14:53 router01 vnet[1227]: linux-cp/router: Failed to delete neighbor: 172.16.40.1 WAN
Jan 14 17:14:57 router01 dhclient[1619]: DHCPREQUEST on vpp1 to 172.16.40.1 port 67 (xid=0x1a4d3f47)
Jan 14 17:15:00 router01 vnet[1227]: linux-cp/router: Failed to delete neighbor: 172.16.40.1 WAN
Jan 14 17:15:16 router01 dhclient[1619]: DHCPREQUEST on vpp1 to 172.16.40.1 port 67 (xid=0x1a4d3f47)
Jan 14 17:15:19 router01 vnet[1227]: linux-cp/router: Failed to delete neighbor: 172.16.40.1 WAN
Jan 14 17:15:33 router01 dhclient[1619]: DHCPREQUEST on vpp1 to 172.16.40.1 port 67 (xid=0x1a4d3f47)
Jan 14 17:15:36 router01 vnet[1227]: linux-cp/router: Failed to delete neighbor: 172.16.40.1 WAN
Jan 14 17:15:54 router01 dhclient[1619]: DHCPREQUEST on vpp1 to 172.16.40.1 port 67 (xid=0x1a4d3f47)
      1 Reply Last reply Reply Quote 0
      • A
        Alan Jones @Derelict
        last edited by

        @derelict definitely an arp issue. The WAN interface has all the DHCP attained information, but "show neighbor" shows no WAN addresses.

        DerelictD 1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate @Alan Jones
          last edited by Derelict

          @alan-jones That does not look like it has received a DHCP response. Did you add ACLs? DHCP responses need to be passed if so.

          I would start with a statically-configured WAN and move to DHCP.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          A 1 Reply Last reply Reply Quote 0
          • A
            Alan Jones @Derelict
            last edited by

            @derelict no ACLs, just routing for now. I tried a static IP and a static MAC entry for the gateway. Neither worked. It's like the network dropped out from under it. This VM is connected to an Open vSwitch bridge, could that be the issue?

            DerelictD 1 Reply Last reply Reply Quote 0
            • DerelictD
              Derelict LAYER 8 Netgate @Alan Jones
              last edited by

              @alan-jones Seems like no Layer 2 connectivity to me.

              Chattanooga, Tennessee, USA
              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
              DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
              Do Not Chat For Help! NO_WAN_EGRESS(TM)

              A 2 Replies Last reply Reply Quote 0
              • A
                Alan Jones @Derelict
                last edited by

                @derelict I concur, but I can't find anything to indicate that and other VMs on the same host are not having L2 connectivity issues. I'll continue to troubleshoot.

                1 Reply Last reply Reply Quote 0
                • A
                  Alan Jones @Derelict
                  last edited by

                  @derelict for what it's worth, I swapped to VMXNET3 interfaces and now its completely stable. So weird.

                  DerelictD 1 Reply Last reply Reply Quote 0
                  • DerelictD
                    Derelict LAYER 8 Netgate @Alan Jones
                    last edited by

                    @alan-jones That is strange. Everyone here uses virtio.

                    Chattanooga, Tennessee, USA
                    A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                    DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                    Do Not Chat For Help! NO_WAN_EGRESS(TM)

                    A 1 Reply Last reply Reply Quote 0
                    • A
                      Alan Jones @Derelict
                      last edited by

                      @derelict yeah the NICs are igb and e1000 so they're supported by DPDK. Dunno...

                      DerelictD 1 Reply Last reply Reply Quote 0
                      • DerelictD
                        Derelict LAYER 8 Netgate @Alan Jones
                        last edited by Derelict

                        @alan-jones That means nothing unless you are passing them through directly. Tnsr only sees virtio or vmxnet3. The underlying hardware is obfuscated.

                        Chattanooga, Tennessee, USA
                        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                        Do Not Chat For Help! NO_WAN_EGRESS(TM)

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post