NethServer Version: your_version
We are running Nethserver on a Proxmox system. We were forced to perform a restore of the Nethserver VM, after which we are running in to issues.
Nethserver does not obtain an IP adress, and is hence is not accessable via the web portal. I ran the “db networks show” command which returned nothing.
Is it common to have these kind of issues after a restore? And any advice on how to proceed from this point?
And welcome to the NethServer community!
No, it’s not! I’m running about 30 NethServers for clients, (More than 5 years!) all of them in Proxmox.
I’ve had to do various restores in the past, before without PBS (Backup on NAS with NFS), now with PBS for most cases. Not one issue!
In all my cases I do not run any firewall on NethServer (except what is built in). NethServer does NOT run as Firewall! Firewalling and DNS / DHCP is always done by a hardware box running OPNsense!
This makes me think you’re not giving the full information. As a Server, NethServer should have it’s own LAN IP (static, not DHCP!). This implies you’re using a VM in Proxmox as Firewall (Yes, that workes well, I use this in Cloud Installations, but even then using OPNsense!).
This could be due to various issues, like NIC /VMBR change on Proxmox level, etc.
As you’re looking for support, and most of us here aren’t mind readers, please do provide at least version of NethServer, and something about your environment.
→ It does improve the solution times for any issues, and also helps users later on, when marked as solved!
My 2 cents
Thank you for your swift reply!
I’m fairly new to networking, VM’s and Nethserver. I do have some expercience in Linux though. I’ve inherited the setup from my predecessor with only some basic info handed over to me. So far I’ve been able to manage evertything in the web GUI. Untill we had to restore…
I don’t have access to the server right now. I’ll have a look at the Nethserver and Proxmox details later today. Any more data that would be usefull while I’m at it?
What I do know is that Nethserver was functioning as a domain controller, and was running as DNS / DHCP server.
All help and patience is greatly appreciated!
This might get you up to speed with Proxmox / NethServer:
Nowadays (2023!) one should NOT install directly on bare metal anymore.
One should use a good Class1 Hypervisor like Proxmox (VMWare ESXi, Citrix XEN, MS Hyper-V are also Class1 Hypervisors), which provides you with a hardware independant disaster recovery option, live backups, live migration clusters to full High Availabilitiy clusters.
Live Migrating a live Windows10 from an Intel based Hardware to an AMD based hardware takes around 90 seconds with shared Storage on 5 years old hardware… And NO blue screens, or license issues, despite live migration to quite different platforms (Intel / AMD).
All my clients use NethServer installed on Proxmox (Running mostly of NAS via NFS), and they all running NethServer as AD, Mail, File, Nextcloud and more…
It’s rock solid and stable!
My 2 Cents
So, I had another check.
Network interface at Proxmox level
iface lo inet loopback
iface eno1 inet manual
iface enp3s0 inet manual auto vmbr0
iface vmbr0 inet static
I’m getting the following at the NethServer summary,
db networks show
Returns nothing for NethServer
Pls show the network config for NethServer on Proxmox… (like this screenshot from my Proxmox in the cloud)
This shows the network config for NethServer (The Proxmox side of things)
My 2 cents
On Proxmox, you should run the QEMU-Guest-Agent (For all available VMs).
The Installation on NethServer is easy, but first you need a working Network…
looks quite messy with 6 unused disks! Remove them, once you have the VM back working…
Also the older i440fx Machine type. I’d switch here to Q35. Linux / NethServer usually has no issues with this. (I’ve done this several times on older NetServer VMs - no issues!).
Also the use of CPU Sockets should be limited - only use cores, but not sockets, unless running an old OS (Not Linux!). Sockets should only be used, if your hardware really has 2 or more CPUs on sockets.
I also use almost exclusively only KVM64 CPUs, never a specific one or Host. This enables seamless fast migration between Proxmox hosts no matter if AMD or Intel CPUs are being used.
What PCI devices are being used?
Also, what is on the USB3.1 connection? A disk for USB Backups?
My NethServer VMs never needed any PCI (Passthru or not!), nor do I use USB connections (at all).
Backups are done with Proxmox (To PBS), and nethServer backups to a NAS (Synology).
Once the Machine type is changed, try removing the Network NIC. Shutdown NethServer. Start the VM agaiin. Then re-add a Network NIC, VirtIO usually works very well.
Then test networking again.
For ANY of the above steps, do a full Backup of the VM with Proxmox!
An old adage of Administrators: Better a Backup too many, than One too little!
My 2 cents
Still nog luck with NethServer…
Things look better.
You still haven’t stated for what this second NIC is needed… I thought the NethServer is NOT your firewall…
And, even if NethServer is your Firewall, a second NIC as Passthru is NOT needed. create a second Bridge on Proxmox, and use that as NIC! (Eg create a vmbr1, coupled like vmbr0 to a NIC, and use that!
Do NOT set any IPs on the Proxmox side, only on the VM using this as Internet-NIC…
Backup to a USB device using Passthru is a bad idea on Proxmox, it often comes from people (your predecessor) without ANY idea of virtualization, and repeat mistakes done with hardware.
USB causes a lot of Interrupts, eating up your CPU for nothing!
This kinda reminds me of people who will add in two virtual disks (both running on the same hardware disks of Proxmox) just to have a RAID on NethServer… This is an absolute waste of CPU cycles!
Best is always have the Hypervisor (Here Proxmox) handle disk redundancy…
Better is to use a NAS, connected to the Network as a NFS share for Backups.
(For the future!)
You are aware that NethServer always has a firewall running? So there is NEVER any need to activvate the Firewall on each VMs NIC! (You have this activated, but I’m sure: not really configured!).
Best is have a box providing perimeter security as firewall. That way, even if Proxmox or NethServer is down, you always have Internet, DNS and DHCP working, so you can access the Internet for troubleshooting!
My 2 cents
Thanks for feedback Andy!
I had a suspicion that things were not setup in the best of ways… I would be more then happy to go through my setup and look for improvements, but first prio is to get things back online.
NethServer was setup as a firewall! DSL came in through NIC 1 and NIC 2 was connected to a switch.
How to proceed from this point?
NIC1 or NIC2 being the passthru NIC?
Switch connected to vmbr0 (eno1) , the PCI device was connected to DSL.