From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 8BCD3718D0 for ; Tue, 29 Jun 2021 12:31:59 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 7B002D81B for ; Tue, 29 Jun 2021 12:31:29 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id C9DB8D810 for ; Tue, 29 Jun 2021 12:31:28 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 990C7467AB; Tue, 29 Jun 2021 12:31:28 +0200 (CEST) Message-ID: Date: Tue, 29 Jun 2021 12:31:14 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:90.0) Gecko/20100101 Thunderbird/90.0 Content-Language: en-US To: Mark Schouten , Proxmox VE user list References: <5377d815-bde4-9ca8-8584-ff63a6eb27ba@proxmox.com> <0d129a03-9a70-e123-5e5a-e7862ef303ac@tuxis.nl> From: Thomas Lamprecht In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-SPAM-LEVEL: Spam detection results: 0 AWL 0.573 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment NICE_REPLY_A -0.001 Looks like a legit reply (A) SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [PVE-User] Proxmox VE 7.0 (beta) released! X-BeenThere: pve-user@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE user list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Jun 2021 10:31:59 -0000 On 29.06.21 12:06, Mark Schouten wrote: > Hi, >=20 > Op 29-06-2021 om 11:46 schreef Thomas Lamprecht: >> Do you have some FW rules regarding MAC-Addresses or the like? >> As the MAC-Address selection changed in Proxmox VE 7 due to new defaul= t >> n systemd's network link policy, as listed in our known issues[0]. >=20 > There is no firewall configured on this cluster. On Stoiko's advice, I = changed the systemd-link-settings and now everything works again. Ah yeah, that advice was not posted to the list initially so I did not sa= w that... >=20 > I do not completely understand why that fixes it though.=C2=A0 Commenti= ng out MACAddressPolicy=3Dpersistent helps, but why? >=20 Because duplicate MAC addresses are not ideal, to say the least? I.e., quoting the second part of my original reply again: > It's now not the one of the first port anymore, but derived from interf= ace > name and `/etc/machine-id`, which in combination should be unique but a= lso > persistent. >=20 > But, for some ISO releases (4.0 to 5.3) the machine-id for the installe= d host > was not always re-generated, which could result in duplication of a MAC= for > identical named interfaces on two hosts. > We try to actively catch and fix that on upgrade by checking if the ID = is one > of the known static ones (it's just a handful of possible IDs) on upgra= de. >=20 > But if one cloned an machine (e.g., a colleague run into this in a demo= > virtualized PVE test clusters they cloned from a template) that ID will= be > duplicated and thus make problems. > That could be easily checked by comparing the `/etc/machine-id` content= and > be fixed by re-generation[1]. >=20