
Proxmox: the network periodically goes down

 



I have a dedicated server at Hetzner. The network periodically goes down, and it disappears completely. I have to reboot the server, after which it works for about a day. Server specs: Intel Core i7-6700, 2x RAM 16384 MB DDR4, 2x SSD SATA 512 GB

The server runs 2 Ubuntu 20.04 virtual machines; their network adapters are VirtIO (paravirtualized). pveversion:

 pveversion -v
proxmox-ve: 6.4-1 (running kernel: 5.4.157-1-pve)
pve-manager: 6.4-13 (running version: 6.4-13/9f411e79)
pve-kernel-5.4: 6.4-11
pve-kernel-helper: 6.4-11
pve-kernel-5.4.157-1-pve: 5.4.157-1
pve-kernel-4.15: 5.4-19
pve-kernel-4.15.18-30-pve: 4.15.18-58
ceph-fuse: 12.2.11+dfsg1-2.1+b1
corosync: 3.1.5-pve2~bpo10+1
criu: 3.11-3
glusterfs-client: 5.5-3
ifupdown: 0.8.35+pve1
libjs-extjs: 6.0.1-10
libknet1: 1.22-pve2~bpo10+1
libproxmox-acme-perl: 1.1.0
libproxmox-backup-qemu0: 1.1.0-1
libpve-access-control: 6.4-3
libpve-apiclient-perl: 3.1-3
libpve-common-perl: 6.4-4
libpve-guest-common-perl: 3.1-5
libpve-http-server-perl: 3.2-3
libpve-storage-perl: 6.4-1
libqb0: 1.0.5-1
libspice-server1: 0.14.2-4~pve6+1
lvm2: 2.03.02-pve4
lxc-pve: 4.0.6-2
lxcfs: 4.0.6-pve1
novnc-pve: 1.1.0-1
proxmox-backup-client: 1.1.13-2
proxmox-mini-journalreader: 1.1-1
proxmox-widget-toolkit: 2.6-1
pve-cluster: 6.4-1
pve-container: 3.3-6
pve-docs: 6.4-2
pve-edk2-firmware: 2.20200531-1
pve-firewall: 4.1-4
pve-firmware: 3.3-2
pve-ha-manager: 3.1-1
pve-i18n: 2.3-1
pve-qemu-kvm: 5.2.0-6
pve-xtermjs: 4.7.0-3
qemu-server: 6.4-2
smartmontools: 7.2-pve2
spiceterm: 3.1-1
vncterm: 1.6-2
zfsutils-linux: 2.0.6-pve1~bpo10+1

Network configuration on the host:

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback
iface lo inet6 loopback

auto enp0s31f6
iface enp0s31f6 inet static
  address ip-hetzner
  netmask 255.255.255.192
  pointopoint hetzner-gateway
  gateway hetzner-gateway
  
iface enp0s31f6 inet6 static
  address 2a01:4f8:172:10de::2
  netmask 64
  gateway fe80::1

iface enp0s31f6.4000 inet manual
auto vmbr4000
iface vmbr4000 inet manual
  bridge-ports enp0s31f6.4000
  bridge-stp off
  bridge-fd 0
  mtu 1400
  up ip addr add 192.168.100.2/24 dev vmbr4000
  metric 20
  post-up echo 1 > /proc/sys/net/ipv4/ip_forward

auto vmbr1
iface vmbr1 inet manual
  bridge-ports none
  bridge-stp off
  bridge-fd 0
  up ip addr add 192.168.1.1/24 dev vmbr1
  metric 30
  post-up echo 1 > /proc/sys/net/ipv4/ip_forward
  post-up iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o enp0s31f6 -j MASQUERADE
  post-down iptables -t nat -D POSTROUTING -s 192.168.1.0/24 -o enp0s31f6 -j MASQUERADE

auto vmbr2
iface vmbr2 inet manual
  bridge-ports none
  bridge-stp off
  bridge-fd 0
  up ip addr add 172.20.1.1/12 dev vmbr2
  post-up echo 1 > /proc/sys/net/ipv4/ip_forward
  post-up iptables -t nat -A POSTROUTING -s 172.20.1.0/12 -o vmbr4000 -j MASQUERADE
  post-down iptables -t nat -D POSTROUTING -s 172.20.1.0/12 -o vmbr4000 -j MASQUERADE

The enp0s31f6.4000 interface connects over a VLAN to another dedicated server with the same settings (only the IP there is 192.168.100.3/24). Each virtual machine has 2 network interfaces: vmbr1 goes to the internet via MASQUERADE, and vmbr2 is forwarded into the VLAN on vmbr4000.

Log /var/log/messages

Jan  9 00:00:02 TarabKira rsyslogd:  [origin software="rsyslogd" swVersion="8.1901.0" x-pid="588" x-info="https://www.rsyslog.com"] rsyslogd was HUPed
Jan  9 00:06:10 TarabKira kernel: [294007.528832] vmbr4000: port 1(enp0s31f6.4000) entered disabled state
Jan  9 00:06:14 TarabKira kernel: [294011.622777] e1000e: enp0s31f6 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
Jan  9 00:06:14 TarabKira kernel: [294011.623071] vmbr4000: port 1(enp0s31f6.4000) entered blocking state
Jan  9 00:06:14 TarabKira kernel: [294011.623172] vmbr4000: port 1(enp0s31f6.4000) entered forwarding state
Jan  9 00:17:37 TarabKira kernel: [294694.616916] vmbr4000: port 1(enp0s31f6.4000) entered disabled state
Jan  9 00:17:41 TarabKira kernel: [294698.226216] e1000e: enp0s31f6 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
Jan  9 00:17:41 TarabKira kernel: [294698.226502] vmbr4000: port 1(enp0s31f6.4000) entered blocking state
Jan  9 00:17:41 TarabKira kernel: [294698.226604] vmbr4000: port 1(enp0s31f6.4000) entered forwarding state
Jan  9 00:30:28 TarabKira kernel: [295465.420335] vmbr4000: port 1(enp0s31f6.4000) entered disabled state
Jan  9 00:30:32 TarabKira kernel: [295469.117002] e1000e: enp0s31f6 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
Jan  9 00:30:32 TarabKira kernel: [295469.117302] vmbr4000: port 1(enp0s31f6.4000) entered blocking state
Jan  9 00:30:32 TarabKira kernel: [295469.117403] vmbr4000: port 1(enp0s31f6.4000) entered forwarding state
Jan  9 00:37:31 TarabKira kernel: [295888.581183] vmbr4000: port 1(enp0s31f6.4000) entered disabled state
Jan  9 00:37:35 TarabKira kernel: [295892.728702] e1000e: enp0s31f6 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
Jan  9 00:37:35 TarabKira kernel: [295892.728950] vmbr4000: port 1(enp0s31f6.4000) entered blocking state
Jan  9 00:37:35 TarabKira kernel: [295892.729053] vmbr4000: port 1(enp0s31f6.4000) entered forwarding state
Jan  9 00:46:08 TarabKira kernel: [296405.436264] vmbr4000: port 1(enp0s31f6.4000) entered disabled state
Jan  9 00:46:12 TarabKira kernel: [296409.495098] e1000e: enp0s31f6 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
Jan  9 00:46:12 TarabKira kernel: [296409.495416] vmbr4000: port 1(enp0s31f6.4000) entered blocking state
Jan  9 00:46:12 TarabKira kernel: [296409.495517] vmbr4000: port 1(enp0s31f6.4000) entered forwarding state
Jan  9 00:54:57 TarabKira kernel: [296934.583042] vmbr4000: port 1(enp0s31f6.4000) entered disabled state
Jan  9 00:55:01 TarabKira kernel: [296938.678079] e1000e: enp0s31f6 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
Jan  9 00:55:01 TarabKira kernel: [296938.678357] vmbr4000: port 1(enp0s31f6.4000) entered blocking state
Jan  9 00:55:01 TarabKira kernel: [296938.678458] vmbr4000: port 1(enp0s31f6.4000) entered forwarding state
Jan  9 01:19:54 TarabKira kernel: [298431.641698] vmbr4000: port 1(enp0s31f6.4000) entered disabled state
Jan  9 01:19:58 TarabKira kernel: [298435.717802] e1000e: enp0s31f6 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
Jan  9 01:19:58 TarabKira kernel: [298435.718090] vmbr4000: port 1(enp0s31f6.4000) entered blocking state
Jan  9 01:19:58 TarabKira kernel: [298435.718191] vmbr4000: port 1(enp0s31f6.4000) entered forwarding state

I don't know why e1000e shows up here when VirtIO is configured.

brctl show vmbr4000:

bridge name     bridge id               STP enabled     interfaces
vmbr4000                8000.901b0eaba507       no              enp0s31f6.4000

What advice can you give? Thanks!
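
The link flapping in the /var/log/messages excerpt above can be summarized by counting "NIC Link is Up" events per hour. This is a minimal sketch that assumes the syslog line format quoted in this post; the function name count_link_ups is hypothetical. For context, enp0s31f6 is the host's physical NIC, so the e1000e driver name is expected in the host's kernel log, while VirtIO applies to the guests' adapters.

```shell
#!/bin/sh
# Hypothetical helper: count "NIC Link is Up" events per hour for one interface.
# Assumes syslog-style lines such as:
#   Jan  9 00:06:14 host kernel: [...] e1000e: enp0s31f6 NIC Link is Up ...
count_link_ups() {
    # $1 = log file, $2 = interface name
    awk -v ifname="$2" '
        index($0, ifname " NIC Link is Up") {
            split($3, t, ":")                  # $3 is HH:MM:SS
            key = $1 " " $2 " " t[1] ":00"     # e.g. "Jan 9 00:00"
            if (!(key in n)) order[++k] = key  # remember first-seen order
            n[key]++
        }
        END { for (i = 1; i <= k; i++) print order[i], n[order[i]] }
    ' "$1"
}

# Example call (not executed here):
#   count_link_ups /var/log/messages enp0s31f6
```

Each output line is an hour bucket followed by the number of link-up events in it, which makes it easier to see whether the flaps cluster around particular times.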

In reply to: comment by Black_Shadow

dmesg -T shows:

[Sun Jan  9 12:27:37 2022] new mount options do not match the existing superblock, will be ignored
[Sun Jan  9 12:27:37 2022] softdog: initialized. soft_noboot=0 soft_margin=60 sec soft_panic=0 (nowayout=0)
[Sun Jan  9 12:27:40 2022] e1000e: enp0s31f6 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
[Sun Jan  9 12:27:40 2022] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s31f6: link becomes ready
[Sun Jan  9 12:27:41 2022] 8021q: 802.1Q VLAN Support v1.8
[Sun Jan  9 12:27:41 2022] vmbr4000: port 1(enp0s31f6.4000) entered blocking state
[Sun Jan  9 12:27:41 2022] vmbr4000: port 1(enp0s31f6.4000) entered disabled state
[Sun Jan  9 12:27:41 2022] device enp0s31f6.4000 entered promiscuous mode
[Sun Jan  9 12:27:41 2022] device enp0s31f6 entered promiscuous mode
[Sun Jan  9 12:27:41 2022] vmbr4000: port 1(enp0s31f6.4000) entered blocking state
[Sun Jan  9 12:27:41 2022] vmbr4000: port 1(enp0s31f6.4000) entered forwarding state
[Sun Jan  9 12:27:42 2022] bpfilter: Loaded bpfilter_umh pid 1004
[Sun Jan  9 12:27:42 2022] Started bpfilter
[Sun Jan  9 12:27:42 2022] kauditd_printk_skb: 3 callbacks suppressed
[Sun Jan  9 12:27:42 2022] audit: type=1400 audit(1641727662.810:14): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="/usr/bin/lxc-start" pid=1170 comm="apparmor_parser"
[Sun Jan  9 12:27:42 2022] audit: type=1400 audit(1641727662.818:15): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="lxc-container-default" pid=1187 comm="apparmor_parser"
[Sun Jan  9 12:27:42 2022] audit: type=1400 audit(1641727662.818:16): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="lxc-container-default-cgns" pid=1187 comm="apparmor_parser"
[Sun Jan  9 12:27:42 2022] audit: type=1400 audit(1641727662.818:17): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="lxc-container-default-with-mounting" pid=1187 comm="apparmor_parser"
[Sun Jan  9 12:27:42 2022] audit: type=1400 audit(1641727662.818:18): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="lxc-container-default-with-nesting" pid=1187 comm="apparmor_parser"
[Sun Jan  9 12:27:46 2022] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[Sun Jan  9 12:27:46 2022] device tap100i0 entered promiscuous mode
[Sun Jan  9 12:27:46 2022] vmbr1: port 1(tap100i0) entered blocking state
[Sun Jan  9 12:27:46 2022] vmbr1: port 1(tap100i0) entered disabled state
[Sun Jan  9 12:27:46 2022] vmbr1: port 1(tap100i0) entered blocking state
[Sun Jan  9 12:27:46 2022] vmbr1: port 1(tap100i0) entered forwarding state
[Sun Jan  9 12:27:46 2022] device tap100i1 entered promiscuous mode
[Sun Jan  9 12:27:46 2022] vmbr2: port 1(tap100i1) entered blocking state
[Sun Jan  9 12:27:46 2022] vmbr2: port 1(tap100i1) entered disabled state
[Sun Jan  9 12:27:46 2022] vmbr2: port 1(tap100i1) entered blocking state
[Sun Jan  9 12:27:46 2022] vmbr2: port 1(tap100i1) entered forwarding state
[Sun Jan  9 12:27:50 2022] device tap101i0 entered promiscuous mode
[Sun Jan  9 12:27:50 2022] vmbr1: port 2(tap101i0) entered blocking state
[Sun Jan  9 12:27:50 2022] vmbr1: port 2(tap101i0) entered disabled state
[Sun Jan  9 12:27:50 2022] vmbr1: port 2(tap101i0) entered blocking state
[Sun Jan  9 12:27:50 2022] vmbr1: port 2(tap101i0) entered forwarding state

But this looks like output from after the reboot. Sorry, I don't know how to show the previous session in dmesg.

tarabukinivan ()
In reply to: comment by Black_Shadow

But journalctl -o short-precise -k -b -1 shows:

Jan 09 12:25:49.864244 TarabKira kernel: e1000e 0000:00:1f.6 enp0s31f6: Reset adapter unexpectedly
Jan 09 12:25:50.168202 TarabKira kernel: vmbr4000: port 1(enp0s31f6.4000) entered disabled state
Jan 09 12:25:51.344302 TarabKira kernel: vmbr1: port 1(tap101i0) entered disabled state
Jan 09 12:25:51.468175 TarabKira kernel: vmbr1: port 2(tap100i0) entered disabled state
Jan 09 12:25:51.652186 TarabKira kernel: vmbr2: port 1(tap100i1) entered disabled state
Jan 09 12:25:54.268163 TarabKira kernel: e1000e: enp0s31f6 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
Jan 09 12:25:54.268255 TarabKira kernel: vmbr4000: port 1(enp0s31f6.4000) entered blocking state
Jan 09 12:25:54.268282 TarabKira kernel: vmbr4000: port 1(enp0s31f6.4000) entered forwarding state
Jan 09 12:25:57.028904 TarabKira kernel: e1000e 0000:00:1f.6 enp0s31f6: Detected Hardware Unit Hang:
                                           TDH                  <0>
                                           TDT                  <2>
                                           next_to_use          <2>
                                           next_to_clean        <0>
                                         buffer_info[next_to_clean]:
                                           time_stamp           <100401c50>
                                           next_to_watch        <0>
                                           jiffies              <100401f00>
                                           next_to_watch.status <0>
                                         MAC Status             <80083>
                                         PHY Status             <bea8>
                                         PHY 1000BASE-T Status  <d4f6>
                                         PHY Extended Status    <a13b>
                                         PCI Status             <10>
Jan 09 12:25:58.920332 TarabKira kernel: e1000e 0000:00:1f.6 enp0s31f6: Detected Hardware Unit Hang:
                                           TDH                  <0>
                                           TDT                  <2>
                                           next_to_use          <2>
                                           next_to_clean        <0>
                                         buffer_info[next_to_clean]:
                                           time_stamp           <100401c50>
                                           next_to_watch        <0>
                                           jiffies              <1004020d8>
                                           next_to_watch.status <0>
                                         MAC Status             <80083>
                                         PHY Status             <796d>
                                         PHY 1000BASE-T Status  <7800>
                                         PHY Extended Status    <3000>
                                         PCI Status             <10>
Jan 09 12:26:00.108304 TarabKira kernel: e1000e 0000:00:1f.6 enp0s31f6: Reset adapter unexpectedly
Jan 09 12:26:00.388133 TarabKira kernel: vmbr4000: port 1(enp0s31f6.4000) entered disabled state
Jan 09 12:26:00.708341 TarabKira kernel: device enp0s31f6 left promiscuous mode
Jan 09 12:26:00.708433 TarabKira kernel: device enp0s31f6.4000 left promiscuous mode
Jan 09 12:26:00.708453 TarabKira kernel: vmbr4000: port 1(enp0s31f6.4000) entered disabled state
Jan 09 12:26:01.224175 TarabKira kernel: e1000e: enp0s31f6 NIC Link is Down
Jan 09 12:26:01.288167 TarabKira kernel: printk: systemd-shutdow: 41 output lines suppressed due to ratelimiting
Jan 09 12:26:01.300146 TarabKira systemd-shutdown[1]: Syncing filesystems and block devices.
Jan 09 12:26:01.312159 TarabKira systemd-shutdown[1]: Sending SIGTERM to remaining processes...

tarabukinivan ()
In reply to: comment by Black_Shadow

journalctl -o short-precise -k -b -2

Jan 09 07:39:13.852163 TarabKira kernel: e1000e 0000:00:1f.6 enp0s31f6: Detected Hardware Unit Hang:
                                           TDH                  <0>
                                           TDT                  <5>
                                           next_to_use          <5>
                                           next_to_clean        <0>
                                         buffer_info[next_to_clean]:
                                           time_stamp           <1001e9646>
                                           next_to_watch        <0>
                                           jiffies              <1001ea090>
                                           next_to_watch.status <0>
                                         MAC Status             <80083>
                                         PHY Status             <796d>
                                         PHY 1000BASE-T Status  <7800>
                                         PHY Extended Status    <3000>
                                         PCI Status             <10>
Jan 09 07:39:14.044158 TarabKira kernel: e1000e 0000:00:1f.6 enp0s31f6: Reset adapter unexpectedly
Jan 09 07:39:14.348026 TarabKira kernel: vmbr4000: port 1(enp0s31f6.4000) entered disabled state
Jan 09 07:39:14.676188 TarabKira kernel: device enp0s31f6 left promiscuous mode
Jan 09 07:39:14.676265 TarabKira kernel: vmbr4000: port 1(enp0s31f6.4000) entered disabled state
Jan 09 07:39:14.676312 TarabKira kernel: device enp0s31f6.4000 left promiscuous mode
Jan 09 07:39:14.676343 TarabKira kernel: vmbr4000: port 1(enp0s31f6.4000) entered disabled state
Jan 09 07:39:15.535960 TarabKira kernel: e1000e: enp0s31f6 NIC Link is Down
Jan 09 07:39:15.595999 TarabKira kernel: printk: systemd-shutdow: 41 output lines suppressed due to ratelimiting
Jan 09 07:39:15.607989 TarabKira systemd-shutdown[1]: Syncing filesystems and block devices.
Jan 09 07:39:15.620363 TarabKira systemd-shutdown[1]: Sending SIGTERM to remaining processes...

tarabukinivan ()
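
To compare boots, the kernel log of each one can be reduced to a few counters. The sketch below reads kernel log text on stdin and counts the three e1000e messages that appear in the journalctl excerpts in this thread. The function name summarize_e1000e is hypothetical, and reading earlier boots with -b -1 or -b -2 assumes the journal is stored persistently, as it evidently is on this host.

```shell
#!/bin/sh
# Hypothetical helper: summarize e1000e trouble in kernel log text from stdin.
summarize_e1000e() {
    awk '
        /Detected Hardware Unit Hang/ { hang++ }
        /Reset adapter unexpectedly/  { reset++ }
        /NIC Link is Down/            { down++ }
        END { printf "hangs=%d resets=%d link_down=%d\n", hang, reset, down }
    '
}

# Example calls (not executed here):
#   journalctl --list-boots                                  # which boots are stored
#   journalctl -o short-precise -k -b -1 | summarize_e1000e  # previous boot
#   journalctl -o short-precise -k -b -2 | summarize_e1000e  # the boot before that
```

If the hang and reset counters are non-zero in every boot that ended with a forced reboot, that points at the physical NIC or its driver rather than at the bridge or NAT configuration.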
In reply to: comment by Black_Shadow

I did it like this; I hope it's correct. Or is it enough to do this on the main interface only?

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback
iface lo inet6 loopback

auto enp0s31f6
iface enp0s31f6 inet static
  address 46.4.96.45
  offload-gso off
  offload-gro off
  offload-tso off
  offload-rx off
  offload-tx off
  offload-rxvlan off
  offload-txvlan off
  offload-sg off
  offload-ufo off
  offload-lro off
  hwaddress 90:1b:0e:8e:45:f8
  netmask 255.255.255.224
  pointopoint 46.4.96.33
  gateway 46.4.96.33
  # route 46.4.96.32/27 via 46.4.96.33
#  up route add -net 46.4.96.32 netmask 255.255.255.224 gw 46.4.96.33 dev enp0s31f6

iface enp0s31f6.4000 inet manual
auto vmbr4000
iface vmbr4000 inet manual
  offload-gso off
  offload-gro off
  offload-tso off
  offload-rx off
  offload-tx off
  offload-rxvlan off
  offload-txvlan off
  offload-sg off
  offload-ufo off
  offload-lro off

  hwaddress 90:1b:0e:8e:45:f8
  bridge-ports enp0s31f6.4000
  bridge-stp off
  bridge-fd 0
  mtu 1400
  up ip addr add 192.168.100.3/24 dev vmbr4000
  metric 20
  post-up echo 1 > /proc/sys/net/ipv4/ip_forward

iface enp0s31f6 inet6 static
        address 2a01:4f8:172:10de::2/64
        gateway fe80::1

auto vmbr1
iface vmbr1 inet manual
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        up ip addr add 192.168.1.1/24 dev vmbr1
        metric 30
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o enp0s31f6 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s 192.168.1.0/24 -o enp0s31f6 -j MASQUERADE

auto vmbr2
iface vmbr2 inet manual
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        up ip addr add 172.20.1.2/12 dev vmbr2
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up iptables -t nat -A POSTROUTING -s 172.20.1.0/12 -o vmbr4000 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s 172.20.1.0/12 -o vmbr4000 -j MASQUERADE


tarabukinivan ()
In reply to: comment by tarabukinivan

Only for the physical interface, but it might not work. I have this piece of hardware: Ethernet controller: Intel Corporation Ethernet Connection (7) I219-V (rev 10), and it doesn't help there.

Bloody ★★ ()
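
For a quick trial without editing /etc/network/interfaces, the offloads can be switched off at runtime on the physical interface only. This is a sketch, not a guaranteed fix: turning off TSO/GSO/GRO is a commonly reported workaround for e1000e "Detected Hardware Unit Hang" messages, and as noted above it does not help on every I219 variant. The function name disable_offloads and the DRY_RUN switch are hypothetical, and the setting is lost on reboot.

```shell
#!/bin/sh
# Sketch: turn off segmentation/receive offloads on the physical NIC only.
# The interface name defaults to the one from this thread; DRY_RUN is a
# hypothetical switch for this example (1 = only print the command).
disable_offloads() {
    iface=${1:-enp0s31f6}
    cmd="ethtool -K $iface tso off gso off gro off"
    if [ "${DRY_RUN:-1}" = "1" ]; then
        echo "$cmd"      # show what would be run
    else
        $cmd             # needs root and the ethtool package
    fi
}

# Example calls (not executed here):
#   disable_offloads enp0s31f6             # dry run, prints the command
#   DRY_RUN=0 disable_offloads enp0s31f6   # actually apply it
#   ethtool -k enp0s31f6                   # inspect the resulting offload state
```

The bridge and VLAN interfaces are deliberately left alone here, since the hang is reported by the e1000e driver for the physical device.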