I just wanted to take a moment to thank you for the fantastic work you are doing on your TH-cam channel. Your videos are incredibly informative and helpful. I'm particularly interested in Proxmox and its SDN capabilities. If possible, I would love to see a deeper dive into this topic in your future videos. Your insights and detailed explanations would be greatly appreciated. Thanks again for your hard work and dedication to educating others. Best regards, Christian
No worries. I'll look to cover in more depth at a later time. It's pretty similar to a standard network though once you understand how to do the first one.
Jim. Quality video again. You have quickly become my favorite tech/homelab content creator. I definitely watch out for all your latest videos. Keep up the good work.
Just discovered your channel, and you have videos for a lot of the stuff I am in the process of setting up in my homelab: Opensense, separating all VMs to a single VLAN, SSO, private CA...and experiment with Zero Trust ideas... without having use for any of it (but fun to play around with). So a +1 for the sub from me. ;)
@@Jims-Garage A friend of mine has a zen-like saying: "Zero Trust is a road... not a destination". Quite the contrast from what we hear from big tech, advertising their products. ;) Working with security, this "assume breach"-way of looking at everything, is quite useful. Never had to do the "dirty work" myself, which is the reason for wanting to do it in my homelab.
Great video! New to SDN.. I'm trying to also include Netbox to get a bit more structured on my HomeLab and I connected it to PVE. Still learning and don't understand Netbox yet.. but making small steps. Might be something for you to look into! Like a video or 10 :)
Hi Jim, Thank you for the SDN video. There is very minimum content on proxmox SDN. Please make detailed video on it along with the whole scenario while the proxmox sever/s is/are connected to the switches in balance-rr or Active/Backup interface.
Hi Jim, Thanks for your Tutorials. decent clean and easy to follow inc this one ;) Plus 1 on comment of FTLN... woudl be nice to get e better overview , how different subnets via SDN can talk to eachother !
Great video! I've been looking for ages on how to set up NAT on Proxmox, but I can't seem to get this working on my end. My VM's are not being issued an IP address when using the SDN network bridge for some reason that I can't figure out.
Thanks Jim for the introduction to PVE 8.1 SDN. Looking at your /etc/network/interfaces file, the system hosts 2 x quad NIC adapters (or 4 of the same NIC card... twice). Where do you stop configuring the actual hypervisor and start configuring the data center's SDN? I have a cluster of physicals with an onboard NIC and a quad PCIe NIC card. The NIC's presented to the hypervisor are eno1 and enps0f0, enps0f1, enps0f2, and enps0f3. The latter 4 are configured in a lag bond0. Normally I would configure a vmbr1 to bond0, and VLAN's from vmbr1. I don't know where to stop configuring the hypervisor and start configuring SDN. If you're able to expand on that, would be excellent!
Hi Jim. Your quick. Asked yesterday and now already :), Great one. I am going to use it for my RKE2 Servers.The Apply button is a pain. Was looking for that one as well when it first came out. Btw if you are wondering where the config files are? These are in /etc/pve/sdn
Hi Jim, great video again and clearly explained! I was wondering if it would be possible to host a website with a cloudflare tunnel behind a SDN by limiting the access to only internet, pretty much like a vlan.
Recently came across your channel and enjoy your videos. I have a 3 node cluster and looking to properly segment my network, in many ways, and I just set up a data/iscsi network with completely separate physical switches and NICs. Anything different, or special, to creating a data vlan? Would that be a separate zone since we want only the hosts having access to this network? Only way a VM needs access to it is to run the disks.
@Jims-Garage thank you for the quick response! Think it should be a different zone? The zone part gets me hung up a bit. I know simple is all I need, just confused on when to use multiple if you had any advice.
Also, on a slightly different note... have you used Webmin? I recently came across it for a specific use case (bind9 management and ease of alerting, etc), and it seems to be a fantastic product for Linux servers. I wanted to see if you'd have an interest in a video on that since you can also cluster them and integrate them with your home lab.
One use case I think would be useful to cover is how to have these SDNs (especially VLANs which many of us use to segment our network) interact with existing mechanisms (e.g. existing pfSense / opnSense firewalls). What's a bit confusing to me is how one can continue to delegate things like DHCP to these firewalls while still using the automatic provisioning / VLAN tagging associated with the SDN features. Thanks as always for this incredibly helpful content!
It's effectively creating a separate software network behind Proxmox. This means inter-VM traffic on the same SDN isn't routed through the firewall (Sophos-XG).
Great video, Explained everything very well. Do you know how this can be used to port forward? I was thinking that maybe this could replace the times we had to create opnsense vms just to have a NAT network with web ports forwarded for hosting multiple different env apps.
Hi Jim, thanks for all the informative videos you make. I’m new to homelab and I tried to follow the video but I run into one problem. When I create the simple SDN, and let’s say I used 192.168.20.x, if I create multiple vms using the same machine they’re able to communicate, but if use the same 192.168.20.x on a different machine, the 2 machines using the 192.168.20.x aren’t able to communicate. Do you know why that is?
The 'simple' SDN is Proxmox node specific. You'd need vLAN or vxLAN to do multi-node. This would likely traverse your switch/firewall, unless you have a direct connection between Proxmox nodes.
Can you please do an explanation on how to configure SDN when the hosting provider gives you say 10 separate public ip addresses and gateways. As well as a whole ipv6 /64 sub net. I found your explanation very useful. will sub and follow.
Jim, thanks for your videos. I would like to know if it would be possible to run OPNSense on multiple hosts with pfsync using Proxmox SDN instead of multiple switches. I'm really new to home labbing.
I've setup the SDN like you and its working so far. On my internal network (unifi) I created a static route to reach the SDN, however I cannot ping a VM within the SDN. From a VM to my PC it works. Can you tell me what I need to do?
I am doingsome staff on this SDN feature. I want to learn about the EVPN feature but I really dont know how to setup it. I think this feature will help me to create cross cluster netowrk(Not just cross node).
I'm no network engineer...just a security engineer. What is the benefit of doing this vs just vlan on your physical firewall and segmenting it out that way? I'm assuming most companies aren't using "Proxmox" in true production environment, atleast I've never ran into it at any company I've worked for. Additionally, if you're using docker networking, then this becomes all quite convoluted and adds additionally complexity for management. I'd venture to guess this would be for more of an enterprise setup where you would want to isolate clients on separate vm networks? (i.e: proxmox in an enterprise setup). Just trying to understand the benefit of something like this.
Can be useful in cloud environments where all networking is software based. You can have a single wan IP, and lots of subnets behind proxmox. In a homelab it's useful for bandwidth, you can have fast networking between hosts rather than being limited by a physical switch. E.g., writing to a Nas can be very fast!
Vlan didn’t work since my switch isn’t vlan aware, also I needed a new subnet since this is being created for pfsync of my virtual pfsense HA setup. Used vxlan and worked right away.
How does a router/firewall machine work under an SDN? I have a single machine that I use for homelab testing and I would love to test SDN but also letting some VMs like OPNSense ones work on a SDN VNet, does it treat it like another virtual network bridge under Proxmox? Thank you for your video! I've just discovered your channel :)
I saw this a while ago, but I couldn't find a way to expose a service (port 80 for example) of a VM within an SDN subnet, do you know of any documentation on this?
Just followed this my self, works great except one thing, DNS is not working for me, it tries to set proxmox as the dns server but is not responding to requests from the lxc containers, havent found out why.
So could I use this to limit the traffic from say the different media servers so that for example only my jellyfin traffic gets out to the main network at home ?
Didn't see you pin any of the physical bonds or network cards, or bridge to SDN. How does the traffic from the SDN networks go upstream to the physical network cards and switches?
great video, thanks!! I have a weird issue though. On PVE 8.1.3, I created a vnet with dhcp and a valid range, however, the UI keeps saying "State: Changes", and when I hover over it, it says "Pending changes: my-ip-range-here". Clicking on Apply doesn't change that State, and rebooting the node doesn't either. I tried messing with the MTU to no avail. Did anybody experience that as well?
It's likely of limited use for most within a homelab environment, however, it does restrict inbound traffic. It's useful in the cloud if you only have limited IPs available.
@@Jims-Garage _ so far I use vyos to give DHCP to the EVPN network. When I see the "simple zone" again, there is no DHCP option. Maybe I have to upgrade to v8.1.
After applying the settings, I get the error "Could not run before_regenerate for DHCP plugin dnsmasq cannot reload with missing 'dnsmasq' package" with a fresh 8.1 installation...
Interesting, perhaps 8.1 doesn't come with everything you need as per the documents. There are typos all over the notes so I think it was rushed out (quest instead of guest). Have you tried installing the dependencies?
just do: apt update apt install dnsmasq systemctl disable --now dnsmasq nano /etc/network/interfaces, insert at the end of the file: source /etc/network/interfaces.d/* and it will work. thanks @Jims-Garage for the geeky stuff :) and i did not "fix" the MTU, the default works for me.
I'm still trying to figure out the purpose on this, so correct me if I'm wrong but this is a way to create a proxmox network for your nested opnsense network firewall to live in?
I tried this on a 3 node cluster and only one node works, the other two have a yellow triangle exclamation mark icon. You didn't show us what happens on your other proxmox-asus node so I'm not sure if I messed up my multiple attempts or your guide only works for a single node?
@@Jims-Garage Heh, "work it all out first". I've spent the last week googling and searching for any step by step guide that applies to a Proxmox cluster and... nothing. It's too complex to just throw stuff and see what sticks. My first few attempts just destroyed my working cluster, so I need a "simple" guide to follow. Like anything, once I have a working example in front of me, I'll be able to tweak it as needed and apply it elsewhere. Perhaps consider using a virtual 3-node VM cluster within Proxmox so the rest of us can follow along without destroying a real cluster.
so wait, if you created SDN, what is the speed of it? does it go through the physical NIC if it has to go out of Proxmox machine? what if not outside - then what is the speed?
@@Jims-Garage I thought so, thx for confirmation. But, what is then the difference between SDN and using another vmbrX with separate subnet? we can have many vmbr as well as many SDN, right?
I watched this video a few months ago, I tried to replicate the setup but I've got random issues. Today I tried again, I can't say there is a progress on that - the bridge interface isn't created, so dnsmasq complains about missing interface, ifreload sometimes exit with error code 1, because of missing interface in /sys/class... because of the missing interface the dhcp is not working correctly. So I will wait another few months and hope it will get sorted.
It wont let me apply the Network Device to the VM. This is the error VM 301 qmp command 'netdev_add' failed - network script /var/lib/qemu-server/pve-bridge-hotplug failed with status 512 I have a linux bond using my 4 ethernet ports on the server for link aggrogation. Is that the problem
Hello Jim again, I created a simple zone named `purple` within that zone i have two vnets (DMZ(192.168.1.0/24), SecOps(192.168.10.0/24)). I have a VM with IP 192.168.1.100 which can ping another VM in SecOps vnet 192.168.10.100 and also network where my proxmox is 192.168.16.0/24 but I cant ping 192.168.1.100 or 192.168.10.100 from 192.168.16.20? any hint or help is appreciated. thanks
I just wanted to take a moment to thank you for the fantastic work you are doing on your TH-cam channel. Your videos are incredibly informative and helpful.
I'm particularly interested in Proxmox and its SDN capabilities. If possible, I would love to see a deeper dive into this topic in your future videos. Your insights and detailed explanations would be greatly appreciated.
Thanks again for your hard work and dedication to educating others.
Best regards,
Christian
Thanks so much for the feedback, Christian. I will come back to it in future. Interested to see what it's capable of.
HI Jim, thanks for the video. Been waiting for a tutorial for SDN :) :) Would love to see a deep dive on this !!
No worries. I'll look to cover in more depth at a later time. It's pretty similar to a standard network though once you understand how to do the first one.
The only useful and concise guide around
@@Dinoy-lo thanks 👍
Excellent. Please explore more SDN configurations and use cases.
Jim. Quality video again. You have quickly become my favorite tech/homelab content creator. I definitely watch out for all your latest videos. Keep up the good work.
Thanks, I have something a little different planned for tonight 😊
Just discovered your channel, and you have videos for a lot of the stuff I am in the process of setting up in my homelab: Opensense, separating all VMs to a single VLAN, SSO, private CA...and experiment with Zero Trust ideas... without having use for any of it (but fun to play around with). So a +1 for the sub from me. ;)
Thanks, and welcome. Sounds like you have tons of exciting things planned. Zero trust is something I want to cover soon.
@@Jims-Garage A friend of mine has a zen-like saying: "Zero Trust is a road... not a destination". Quite the contrast from what we hear from big tech, advertising their products. ;) Working with security, this "assume breach"-way of looking at everything, is quite useful. Never had to do the "dirty work" myself, which is the reason for wanting to do it in my homelab.
Great video! New to SDN.. I'm trying to also include Netbox to get a bit more structured on my HomeLab and I connected it to PVE. Still learning and don't understand Netbox yet.. but making small steps. Might be something for you to look into! Like a video or 10 :)
Haha, thanks for the suggestion. I'll look into it.
your videos are getting better and better, thanks !!!
Appreciated, still learning 😂
Hi Jim,
Thank you for the SDN video.
There is very minimum content on proxmox SDN. Please make detailed video on it along with the whole scenario while the proxmox sever/s is/are connected to the switches in balance-rr or Active/Backup interface.
Thanks, I do plan to revisit in the future
Nice. It was always a pain in the neck to do this all manually. This is really a missing puzzle piece finally falling into place.
I totally agree. It's a welcome addition.
Really neat, been working on BGP EVPN at work for some time now and will definitely try out the integration!
Bgp is supported in Proxmox now
Thank for you covering this!
My pleasure!
Thanks for the vid, worked on the auto mtu, but had to do a restart to enter container console.
Great, thanks for confirming.
Hi Jim,
Thanks for your Tutorials. decent clean and easy to follow inc this one ;)
Plus 1 on comment of FTLN... woudl be nice to get e better overview , how different subnets via SDN can talk to eachother !
Thanks 👍
Great video! I've been looking for ages on how to set up NAT on Proxmox, but I can't seem to get this working on my end. My VM's are not being issued an IP address when using the SDN network bridge for some reason that I can't figure out.
Thanks Jim for the introduction to PVE 8.1 SDN. Looking at your /etc/network/interfaces file, the system hosts 2 x quad NIC adapters (or 4 of the same NIC card... twice). Where do you stop configuring the actual hypervisor and start configuring the data center's SDN? I have a cluster of physicals with an onboard NIC and a quad PCIe NIC card. The NIC's presented to the hypervisor are eno1 and enps0f0, enps0f1, enps0f2, and enps0f3. The latter 4 are configured in a lag bond0. Normally I would configure a vmbr1 to bond0, and VLAN's from vmbr1. I don't know where to stop configuring the hypervisor and start configuring SDN. If you're able to expand on that, would be excellent!
Thanks Jimbo!!!
@@Harlinization you're welcome
Hi Jim. Your quick. Asked yesterday and now already :), Great one. I am going to use it for my RKE2 Servers.The Apply button is a pain. Was looking for that one as well when it first came out.
Btw if you are wondering where the config files are? These are in /etc/pve/sdn
Great, thanks for letting me know
Nicely explained! Thanks
Glad it was helpful!
Hi Jim, great video again and clearly explained!
I was wondering if it would be possible to host a website with a cloudflare tunnel behind a SDN by limiting the access to only internet, pretty much like a vlan.
As it's a reverse tunnel I believe that would be possible.
Just to note, the "test" bridge in the VM's network option is the VNET name, not the Zone name.
Recently came across your channel and enjoy your videos. I have a 3 node cluster and looking to properly segment my network, in many ways, and I just set up a data/iscsi network with completely separate physical switches and NICs. Anything different, or special, to creating a data vlan? Would that be a separate zone since we want only the hosts having access to this network? Only way a VM needs access to it is to run the disks.
Good question, I haven't done that. I'd probably assign another virtual NIC to the machine on the right network/vlan.
@Jims-Garage thank you for the quick response! Think it should be a different zone? The zone part gets me hung up a bit. I know simple is all I need, just confused on when to use multiple if you had any advice.
Also, on a slightly different note... have you used Webmin? I recently came across it for a specific use case (bind9 management and ease of alerting, etc), and it seems to be a fantastic product for Linux servers. I wanted to see if you'd have an interest in a video on that since you can also cluster them and integrate them with your home lab.
One use case I think would be useful to cover is how to have these SDNs (especially VLANs which many of us use to segment our network) interact with existing mechanisms (e.g. existing pfSense / opnSense firewalls). What's a bit confusing to me is how one can continue to delegate things like DHCP to these firewalls while still using the automatic provisioning / VLAN tagging associated with the SDN features.
Thanks as always for this incredibly helpful content!
You're welcome. I'm going to revisit SDNs later with some more advanced setups.
This looks great ! what would be the example here when combining with a virtualised firewall such as sophos-xg?
It's effectively creating a separate software network behind Proxmox. This means inter-VM traffic on the same SDN isn't routed through the firewall (Sophos-XG).
Great video, Explained everything very well. Do you know how this can be used to port forward? I was thinking that maybe this could replace the times we had to create opnsense vms just to have a NAT network with web ports forwarded for hosting multiple different env apps.
Hi Jim, thanks for all the informative videos you make. I’m new to homelab and I tried to follow the video but I run into one problem. When I create the simple SDN, and let’s say I used 192.168.20.x, if I create multiple vms using the same machine they’re able to communicate, but if use the same 192.168.20.x on a different machine, the 2 machines using the 192.168.20.x aren’t able to communicate. Do you know why that is?
The 'simple' SDN is Proxmox node specific. You'd need vLAN or vxLAN to do multi-node. This would likely traverse your switch/firewall, unless you have a direct connection between Proxmox nodes.
Can you please do an explanation on how to configure SDN when the hosting provider gives you say 10 separate public ip addresses and gateways. As well as a whole ipv6 /64 sub net.
I found your explanation very useful. will sub and follow.
Jim, thanks for your videos. I would like to know if it would be possible to run OPNSense on multiple hosts with pfsync using Proxmox SDN instead of multiple switches. I'm really new to home labbing.
Yes, it should be possible with vxLAN. I'll try to cover this soon.
@@Jims-Garage This would be awesome
i'd like to see a deep dive into vxlan if possible.. thanks for the excellent video!
Thanks, it's on my to do list
I've setup the SDN like you and its working so far.
On my internal network (unifi) I created a static route to reach the SDN, however I cannot ping a VM within the SDN. From a VM to my PC it works.
Can you tell me what I need to do?
i think is more like the same as creating local vmbr without bridge-ports and integrate with iptables set to srcnat or masq for the internet
I am doingsome staff on this SDN feature. I want to learn about the EVPN feature but I really dont know how to setup it. I think this feature will help me to create cross cluster netowrk(Not just cross node).
I'm no network engineer...just a security engineer. What is the benefit of doing this vs just vlan on your physical firewall and segmenting it out that way? I'm assuming most companies aren't using "Proxmox" in true production environment, atleast I've never ran into it at any company I've worked for.
Additionally, if you're using docker networking, then this becomes all quite convoluted and adds additionally complexity for management. I'd venture to guess this would be for more of an enterprise setup where you would want to isolate clients on separate vm networks? (i.e: proxmox in an enterprise setup).
Just trying to understand the benefit of something like this.
Can be useful in cloud environments where all networking is software based. You can have a single wan IP, and lots of subnets behind proxmox.
In a homelab it's useful for bandwidth, you can have fast networking between hosts rather than being limited by a physical switch. E.g., writing to a Nas can be very fast!
Will the simple zone subnet span across nodes? Can VMs connect with each other across nodes or do I need VLAN or VXLAN?
I believe it requires vxlan and vlan.
Vlan didn’t work since my switch isn’t vlan aware, also I needed a new subnet since this is being created for pfsync of my virtual pfsense HA setup.
Used vxlan and worked right away.
@@TheArpitkoberoi great, that's good to know
How does a router/firewall machine work under an SDN?
I have a single machine that I use for homelab testing and I would love to test SDN but also letting some VMs like OPNSense ones work on a SDN VNet, does it treat it like another virtual network bridge under Proxmox?
Thank you for your video! I've just discovered your channel :)
I saw this a while ago, but I couldn't find a way to expose a service (port 80 for example) of a VM within an SDN subnet, do you know of any documentation on this?
@@diems2 you need to bridge it, by default everything is internal only.
Just followed this my self, works great except one thing, DNS is not working for me, it tries to set proxmox as the dns server but is not responding to requests from the lxc containers, havent found out why.
So could I use this to limit the traffic from say the different media servers so that for example only my jellyfin traffic gets out to the main network at home ?
Didn't see you pin any of the physical bonds or network cards, or bridge to SDN. How does the traffic from the SDN networks go upstream to the physical network cards and switches?
In this particular setup it doesn't, it's intra-node. It can be setup similar to you have expressed.
@@Jims-Garage Yes, thanks, Jim. Figured it out. I was nested proxmox inside of ESXi, the trunk ports do not work with nested virtualization.
great video, thanks!! I have a weird issue though. On PVE 8.1.3, I created a vnet with dhcp and a valid range, however, the UI keeps saying "State: Changes", and when I hover over it, it says "Pending changes: my-ip-range-here". Clicking on Apply doesn't change that State, and rebooting the node doesn't either. I tried messing with the MTU to no avail. Did anybody experience that as well?
Interesting. Have you looked in the syslog?
Can't really grab the use of SDN in a homelab where you already have a router like opnsense.
Is it like for more granular network control?
It's likely of limited use for most within a homelab environment, however, it does restrict inbound traffic. It's useful in the cloud if you only have limited IPs available.
@@Jims-Garage Its usefull when you are using ISP Router box, and you need some parts of your network sealed off from your main lan :)
Nice!
Thanks 👍
awesome, so we won't need a dedicated VM as router.
I tried using EVPN in proxmox 8.0, but I think "simple zone" is easier.
Technically, no. Albeit if you're referring to a firewall I strongly recommend one.
@@Jims-Garage _ so far I use vyos to give DHCP to the EVPN network.
When I see the "simple zone" again, there is no DHCP option. Maybe I have to upgrade to v8.1.
@@SatriaAdyPradana AFAIK this is an 8.1 feature
After applying the settings, I get the error "Could not run before_regenerate for DHCP plugin dnsmasq cannot reload with missing 'dnsmasq' package" with a fresh 8.1 installation...
Interesting, perhaps 8.1 doesn't come with everything you need as per the documents. There are typos all over the notes so I think it was rushed out (quest instead of guest). Have you tried installing the dependencies?
just do: apt update
apt install dnsmasq
systemctl disable --now dnsmasq
nano /etc/network/interfaces, insert at the end of the file: source /etc/network/interfaces.d/*
and it will work.
thanks @Jims-Garage for the geeky stuff :) and i did not "fix" the MTU, the default works for me.
@@lmontei glad to hear, thanks 👍
Hi, could you provide step for PowerDNS setup in Proxmox?
Amazing video 🎉 thanks for the great explanation, good work 🫂❤️
Thanks 👍
I'm still trying to figure out the purpose on this, so correct me if I'm wrong but this is a way to create a proxmox network for your nested opnsense network firewall to live in?
I tried this on a 3 node cluster and only one node works, the other two have a yellow triangle exclamation mark icon. You didn't show us what happens on your other proxmox-asus node so I'm not sure if I messed up my multiple attempts or your guide only works for a single node?
Simple SDN only works on a single node. You need vxlan for multi nodes.
@@Jims-Garage Right, thanks for the heads-up. So how about an evpn + vxlan SDN multi-node tutorial at some point 🙂
@@MarkConstable yes, it's on the list. Just need to work it all out first 😂
@@Jims-Garage Heh, "work it all out first". I've spent the last week googling and searching for any step by step guide that applies to a Proxmox cluster and... nothing. It's too complex to just throw stuff and see what sticks. My first few attempts just destroyed my working cluster, so I need a "simple" guide to follow. Like anything, once I have a working example in front of me, I'll be able to tweak it as needed and apply it elsewhere. Perhaps consider using a virtual 3-node VM cluster within Proxmox so the rest of us can follow along without destroying a real cluster.
MTU Auto works for me.
Ok great, thanks
so wait, if you created SDN, what is the speed of it? does it go through the physical NIC if it has to go out of Proxmox machine? what if not outside - then what is the speed?
The speed is probably more of a software/CPU issue as no interface is used (eg. NICs). It only goes through the NIC for external access.
@@Jims-Garage I thought so, thx for confirmation. But, what is then the difference between SDN and using another vmbrX with separate subnet? we can have many vmbr as well as many SDN, right?
I watched this video a few months ago, I tried to replicate the setup but I've got random issues.
Today I tried again, I can't say there is a progress on that - the bridge interface isn't created, so dnsmasq complains about missing interface, ifreload sometimes exit with error code 1, because of missing interface in /sys/class...
because of the missing interface the dhcp is not working correctly.
So I will wait another few months and hope it will get sorted.
Your mtu issues would've been caused by your physical switch, if you haven't set an mtu on the trunks upstream, you'll be limited to 1500.
@@MatthewYoung-b3w thanks. My understanding is that the traffic isn't touching the upstream switch though.
@@Jims-Garage it's a datacenter cluster, so it's distributed to all hosts
great for clustered vms
Absolutely, also helps with cable management 😂
Does it not support IPv6? I’m not seeing it at all in the GUI here.
It wont let me apply the Network Device to the VM. This is the error
VM 301 qmp command 'netdev_add' failed - network script /var/lib/qemu-server/pve-bridge-hotplug failed with status 512
I have a linux bond using my 4 ethernet ports on the server for link aggrogation. Is that the problem
I had to use MTU 1490 to get SDN to work, not sure what is going on
you need insall dnsmasq even if you doing fresh installation
Hello Jim again,
I created a simple zone named `purple` within that zone i have two vnets (DMZ(192.168.1.0/24), SecOps(192.168.10.0/24)). I have a VM with IP 192.168.1.100 which can ping another VM in SecOps vnet 192.168.10.100 and also network where my proxmox is 192.168.16.0/24 but I cant ping 192.168.1.100 or 192.168.10.100 from 192.168.16.20? any hint or help is appreciated. thanks
thanks, just had to add route "sudo ip route add 192.168.10.0/24 via 192.168.16.20" , 192.168.16.20 is the proxmox IP.
not working at all. vms get ips but cannot ping each other.
Check your firewall rules on the VMs. If you follow the guide they're on the same subnet so it's the only possibility. What OS are you using?
@@Jims-Garageubuntu 22.04 lxc containers on different nodes. on same node ping is reachable. on different nodes ping not reachable.
@@Jims-Garage using pve 8.1 and assigning sdn vmnet to difference lxc containers on different nodes. not reachable
@@hujosh8693 that's because simple SDN is node specific. You need vxlan for internode (I'm still to cover this)
@@Jims-Garagethank you.
Great