Hello. I’m looking for some guidance on the correct way to set up this network. I have an instance of ubuntu server 22.04.2 running on proxmox. Two interfaces are attached to the VM and vlan tagging is handled by proxmox.
I have two VLANs being used. Ens18 is on 100 and ens19 is on 300. On my initial attempts i used netplan with the following configuration.
Code:
network: version: 2
renderer: networkd
ethernets:
ens18:
dhcp4: true
dhcp4-overrides:
route-metric: 100
ens19:
dhcp4: true
dhcp4-overrides:
route-metric: 200
route -n
Code:
Kernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.86.1 0.0.0.0 UG 100 0 0 ens18
0.0.0.0 192.168.254.1 0.0.0.0 UG 200 0 0 ens19
192.168.86.0 0.0.0.0 255.255.255.0 U 100 0 0 ens18
192.168.86.1 0.0.0.0 255.255.255.255 UH 100 0 0 ens18
192.168.86.16 0.0.0.0 255.255.255.255 UH 100 0 0 ens18
192.168.254.0 0.0.0.0 255.255.255.0 U 200 0 0 ens19
192.168.254.1 0.0.0.0 255.255.255.255 UH 200 0 0 ens19
ifconfig
Code:
ens18: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.86.28 netmask 255.255.255.0 broadcast 192.168.86.255
inet6 fe80::ecc6:d9ff:fe43:6711 prefixlen 64 scopeid 0x20<link>
ether ee:c6:d9:43:67:11 txqueuelen 1000 (Ethernet)
RX packets 930 bytes 149307 (149.3 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 427 bytes 62104 (62.1 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens19: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.254.35 netmask 255.255.255.0 broadcast 192.168.254.255
inet6 fe80::443a:61ff:fedc:4864 prefixlen 64 scopeid 0x20<link>
ether 46:3a:61:dc:48:64 txqueuelen 1000 (Ethernet)
RX packets 295 bytes 32942 (32.9 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 16 bytes 1736 (1.7 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 84 bytes 6368 (6.3 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 84 bytes 6368 (6.3 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
While this works and ip addresses are assigned by the router, there is a problem with what appears to be asymmetric routing. From my computer on vlan 100, if I start a SSH session to the ip address on the 300 vlan it will time out after about a minute. Based on what i found after googling around, it is my (limited) understanding that the server is taking the shortest path back to my computer since it has an interface present on the vlan 100 subnet.
Continued reading brought me to establishing static routes through netplan. I followed the guide on netplan.io and used this config.
Code:
network: version: 2
renderer: networkd
ethernets:
ens18:
addresses:
- 192.168.86.28/24
nameservers:
addresses: [8.8.8.8]
dhcp4: no
routes:
- to: default
via: 192.168.86.1
- to: 192.168.86.0/24
via: 192.168.86.1
table: 101
routing-policy:
- from: 192.168.86.0/24
table: 101
ens19:
addresses:
- 192.168.254.35/24
nameservers:
addresses: [8.8.8.8]
dhcp4: no
routes:
- to: 192.168.254.0/24
via: 192.168.254.1
table: 102
routing-policy:
- from: 192.168.254.0/24
table: 102
route -n
Code:
Kernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.86.1 0.0.0.0 UG 0 0 0 ens18
192.168.86.0 0.0.0.0 255.255.255.0 U 0 0 0 ens18
192.168.254.0 0.0.0.0 255.255.255.0 U 0 0 0 ens19
ifconfig
Code:
ens18: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.86.28 netmask 255.255.255.0 broadcast 192.168.86.255
inet6 fe80::ecc6:d9ff:fe43:6711 prefixlen 64 scopeid 0x20<link>
ether ee:c6:d9:43:67:11 txqueuelen 1000 (Ethernet)
RX packets 566 bytes 98730 (98.7 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 101 bytes 12613 (12.6 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens19: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.254.35 netmask 255.255.255.0 broadcast 192.168.254.255
inet6 fe80::443a:61ff:fedc:4864 prefixlen 64 scopeid 0x20<link>
ether 46:3a:61:dc:48:64 txqueuelen 1000 (Ethernet)
RX packets 40 bytes 4812 (4.8 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 14 bytes 964 (964.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 86 bytes 6566 (6.5 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 86 bytes 6566 (6.5 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
I still am getting the same behavior where ssh sessions will fail after a minute or two. I have also tested this with an instance of node-red on the VM and see the same behavior after a minute or so. it appears to be a similar issue with tcp traffic. Here is a shot from a wireshark trace. I can provide additional details from this log if useful.
https://imgur.com/a/hFjlRbt
My questions are:
Is my netplan configuration correct? I'm not sure if this is the expected results from the configuration and if the routing looks correct. if it is not correct, where should i make adjustments?
If it is correct, where would the next place be to look into this problem. I have tried going down to a single interface on the virtual machine that only accesses vlan 300 and there are no issues. It only becomes a problem when traversing across vlan and with both interfaces up. If there is any other useful information i can provide, please let me know.
Thank you in advance.