Proxmox 5.2.1 LXC can send packets but doesnt receive any packets

Arne Hude arne.hude at arnehude.de
Fri Jul 6 21:45:52 CEST 2018

i've just set up a Proxmox VE (newest stable release) Setup on a KVM
from Netcup.
Also i've got a secondary IP for use at this Server.

What my plans are:

- Hypervisor with one external IP
- A LXC-Container with another external IP

- Hypervisor on external IP
- up to 16 bridges each with another local network for interconnecting
the LXC-Containers (Failure-Safeing)
- at least one Container from each bridge reachable from external via an
ip bought from my hoster

This is my *HOST *network-config:

auto lo
iface lo inet loopback

iface ens3 inet manual

auto vmbr0
iface vmbr0 inet static

        address 94.16.xxx.232
        gateway 94.16.xxx.1
        bridge_ports ens3
        bridge_stp off
        bridge_fd 1

        pointopoint 94.16.xxx.1
        bridge_hello 2
        bridge_maxage 12
        bridge_maxwait 0

        post-up route add 46.38.xxx.250/32 dev vmbr0

Also i've set

sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv6.conf.all.forwarding=1
sysctl -w net.ipv6.conf.all.proxy_ndp=1

Firewall and iptables are off or empty.

The container network is set up like this:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
        address 46.38.xxx.250
        post-up ip route add 94.16.xxx.232 dev eth0
        post-up ip route add default via 94.16.xxx.232 dev eth0
        pre-down ip route del default via 94.16.xx.232 dev eth0
        pre-down ip route del 94.16.xxx.232 dev eth0

So far so good.
Now i get into trouble. if i want to ping my container, the ICMP-Request
get lost between my hypervisor and the container. In Conclusion, i can
reach the outside world from inside the container but as far as i want a
respond its getting lost in the internal network.

For setup i used a "tutorial" as far as it is suitable for me
(German)::  anysrc:Netcup KVM vServer und LXC Container

I'll hope you can help me with this problem im worring with...

Hopefully someone of you has a clue., whats wrong about my setup..

