Show Posts
1
23.1 Legacy Series / Bridge / VMWare problems - physical port works, vmx1 does not?
« on: February 14, 2023, 11:41:17 am »
I'm running OPNSense 23.1_6 on an N5105 with 6 Intel i225-V's. It's running VMWare ESXi 8.0 with NICs in PCI passthrough mode to the OPNSense VM.
There is also a VM running a clean Debian 11.6 install, I want this VM to join the "domotica" network on my OPNSense install.
So I have:
- an interface ETH5_Domotica (opt5, igc1) on a passthrough NIC. A RPi is connected to this port and functions perfect.
- an interface ESXI_Domotica (opt7, vmx0) which is a VMWare NIC.
- a bridge BG_Domotica (bridge1) between ETH5_Domotica and ESXI_Domotica
- an interface Domotica (opt8, bridge1) on the bridge
Both ETH5_Domotica and ESXI_Domotica are enabled but have no IP set or DHCP server running. They both have a single firewall rule that allows all IPv4 traffic (I do not know if this is necessary).
The Domotica interface (on the bridge) is configured with a static IP 172.16.30.1(/21) and has a DHCP service enabled, providing leases between 172.16.30.100 and 172.16.31.250. It has a single firewall rule that allows all IPv4 traffic (I know this is necessary).
The raspberry pi connected on the physical ETH5_Domotica port works great, it can release/renew DHCP address and reach the internet as well as other clients.
In VMWare ESXi the interface ESXI_Domotica (from the OPNSense VM) is connected to a dedicated Domotica port group and vSwitch. Both of these allow promiscuous mode and mac address changes (I do not know for sure this is required).
The Debian 11.6 VM also has a network adapter which is connected to the Domotica port group / vSwitch.
The Debian 11.6 VM cannot acquire an IP address. When I set it to a static IP in the subnet (172.16.30.123), with the correct subnet (255.255.248.0) and gateway (172.16.30.1) it cannot reach the gateway (which is OPNSense).
I only see 1 (pass) message in Firewall->Log files->Live view that pass/block packets coming from anything other than the Raspberry Pi. But it's IPv6, so, no IPv4 traffic seemingly.
I have tried:
- Setting a static IP on the Debian install
- Ping: "Destination Host Unreachable"
- Telnet: "No route to host"
- Setting dhcp: a private IP address is assigned after a long wait (169.x.x.x)
I have no clue why the Debian VM is just completely unable to see OPNSense
There is also a VM running a clean Debian 11.6 install, I want this VM to join the "domotica" network on my OPNSense install.
So I have:
- an interface ETH5_Domotica (opt5, igc1) on a passthrough NIC. A RPi is connected to this port and functions perfect.
- an interface ESXI_Domotica (opt7, vmx0) which is a VMWare NIC.
- a bridge BG_Domotica (bridge1) between ETH5_Domotica and ESXI_Domotica
- an interface Domotica (opt8, bridge1) on the bridge
Both ETH5_Domotica and ESXI_Domotica are enabled but have no IP set or DHCP server running. They both have a single firewall rule that allows all IPv4 traffic (I do not know if this is necessary).
The Domotica interface (on the bridge) is configured with a static IP 172.16.30.1(/21) and has a DHCP service enabled, providing leases between 172.16.30.100 and 172.16.31.250. It has a single firewall rule that allows all IPv4 traffic (I know this is necessary).
The raspberry pi connected on the physical ETH5_Domotica port works great, it can release/renew DHCP address and reach the internet as well as other clients.
In VMWare ESXi the interface ESXI_Domotica (from the OPNSense VM) is connected to a dedicated Domotica port group and vSwitch. Both of these allow promiscuous mode and mac address changes (I do not know for sure this is required).
The Debian 11.6 VM also has a network adapter which is connected to the Domotica port group / vSwitch.
The Debian 11.6 VM cannot acquire an IP address. When I set it to a static IP in the subnet (172.16.30.123), with the correct subnet (255.255.248.0) and gateway (172.16.30.1) it cannot reach the gateway (which is OPNSense).
I only see 1 (pass) message in Firewall->Log files->Live view that pass/block packets coming from anything other than the Raspberry Pi. But it's IPv6, so, no IPv4 traffic seemingly.
Code: [Select]
ESXI_DOMOTICA 2023-02-14T11:07:30 fe80::20c:29ff:fe31:3487 ff02::2 ipv6-icmp IPv6 RFC4890 requirements (ICMP)
I have tried:
- Setting a static IP on the Debian install
- Ping: "Destination Host Unreachable"
- Telnet: "No route to host"
- Setting dhcp: a private IP address is assigned after a long wait (169.x.x.x)
I have no clue why the Debian VM is just completely unable to see OPNSense