Join Log in
Score:0
Gilberto Martins avatar Server

After upgrading Debian in my OVH PVE, I just can't access its SSH or WebManager

cn flag
Gilberto Martins

This PVE has 1 VM in it. After updating the PVE OS (Debian) it has been rebooted. Since then I can't access either its SSH or the webmanager, BUT I can SSH the VM in it!!!

The only way to access the PVE is by OVH's IPMI.

These are some of PVE's configuration files:

/etc/network/interfaces

auto lo
iface lo inet loopback
    dns-nameservers 213.186.33.99

auto eth0
iface eth0 inet dhcp
    mtu 1500

auto eth1
iface eth1 inet manual
    
# Internet Interface 
auto vmbr0
iface vmbr0 inet manual
  # Interface externa - NAO USAR
  bridge-ports eth0
  bridge-stp off
  bridge-fd 0
    
# Tools Network
auto vmbr1
iface vmbr1 inet manual
  # Tools Network - 172.22.10.0/27
  bridge-ports dummy1
  bridge-stp off
  bridge-fd 0
    
# DataBase Network
auto vmbr2
iface vmbr2 inet manual
  # DataBase Network - 172.22.20.0/27
  bridge-ports dummy2
  bridge-stp off
  bridge-fd 0

/etc/network/interfaces.d/50-cloud-init.txt

# This file is generated from information provided by the datasource.  Changes
# to it will not persist across an instance reboot.  To disable cloud-init's
# network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
auto lo
iface lo inet loopback
    dns-nameservers 213.186.33.99

auto eth0
iface eth0 inet dhcp
    mtu 1500

ip route

default via X.Y.Z.254 dev eth0 
X.Y.Z.0/24 dev eth0 proto kernel scope link src X.Y.Z.70

sudo iptables -L

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

sudo iptables -L -t nat

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

cat /etc/resolv.con

nameserver 213.186.33.99

ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master vmbr0 state UP group default qlen 1000
    link/ether d0:50:99:QQ:WW:EE brd ff:ff:ff:ff:ff:ff
    inet ZZ.SS.DD.70/24 brd ZZ.SS.DD.255 scope global dynamic eth0
       valid_lft 28697sec preferred_lft 28697sec
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether d0:50:99:QQ:WW:YY brd ff:ff:ff:ff:ff:ff
    inet6 fe80::d250:99KK:QQQQ:WWYY/64 scope link 
       valid_lft forever preferred_lft forever
4: usb0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 5a:30:4e:ad:71:04 brd ff:ff:ff:ff:ff:ff
5: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether d0:50:99:QQ:WW:EE brd ff:ff:ff:ff:ff:ff
    inet6 fe80::d250:99KK:QQQQ:WWYZ/64 scope link 
       valid_lft forever preferred_lft forever
6: vmbr1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 7e:69:35:9d:03:fa brd ff:ff:ff:ff:ff:ff
    inet6 fe80::e8a9:dfKK:QQ79:d2cf/64 scope link 
       valid_lft forever preferred_lft forever
7: vmbr2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 8e:65:e7:d3:d7:47 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::281b:9eKK:QQfa:4710/64 scope link 
       valid_lft forever preferred_lft forever
23: veth201i0@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr201i0 state UP group default qlen 1000
    link/ether fe:bb:55:ee:90:01 brd ff:ff:ff:ff:ff:ff link-netnsid 0
24: fwbr201i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 56:11:66:88:93:ba brd ff:ff:ff:ff:ff:ff
25: fwpr201p0@fwln201i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr1 state UP group default qlen 1000
    link/ether 7e:69:33:99:03:fa brd ff:ff:ff:ff:ff:ff
26: fwln201i0@fwpr201p0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr201i0 state UP group default qlen 1000
    link/ether 56:11:fb:88:93:ba brd ff:ff:ff:ff:ff:ff
27: tap100i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master vmbr0 state UNKNOWN group default qlen 1000
    link/ether 46:01:54:51:bd:88 brd ff:ff:ff:ff:ff:ff
28: tap100i1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master vmbr1 state UNKNOWN group default qlen 1000
    link/ether d6:60:c8:62:be:45 brd ff:ff:ff:ff:ff:ff
29: tap100i2: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master vmbr2 state UNKNOWN group default qlen 1000
    link/ether 8e:65:e7:d3:d7:47 brd ff:ff:ff:ff:ff:ff

But interestingly, I can see SYN arriving through it's external interface:

sudo tcpdump -ni eth0 port 22

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
18:40:03.442066 IP 1.219.220.158.18341 > ZZ.SS.DD.70.22: Flags [S], seq 2503481414, win 35940, length 0
18:40:04.098233 IP 177.158.142.233.58016 > ZZ.SS.DD.70.22: Flags [S], seq 684607315, win 64240, options [mss 1452,sackOK,TS val 2105457695 ecr 0,nop,wscale 7], length 0
18:40:05.118750 IP 177.158.142.233.58016 > ZZ.SS.DD.70.22: Flags [S], seq 684607315, win 64240, options [mss 1452,sackOK,TS val 2105458715 ecr 0,nop,wscale 7], length 0
18:40:07.129472 IP 177.158.142.233.58016 > ZZ.SS.DD.70.22: Flags [S], seq 684607315, win 64240, options [mss 1452,sackOK,TS val 2105460727 ecr 0,nop,wscale 7], length 0
18:40:11.194343 IP 177.158.142.233.58016 > ZZ.SS.DD.70.22: Flags [S], seq 684607315, win 64240, options [mss 1452,sackOK,TS val 2105464791 ecr 0,nop,wscale 7], length 0

5 packets captured
5 packets received by filter
0 packets dropped by kernel

What am I missing here???

133
0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.