I am trying to set up an OPNsense VM inside Proxmox, which is running in an Azure VM with nesting enabled. I have my reasons to do it, so please spare me the "why not go native" questions.
Since Azure VMs don't support vIOMMU (note the "v" in vIOMMU stands for virtualized IOMMU, for L2 instances), I cannot pass the interface further from Proxmox to OPNsense, so I need to get by using bridges.
The host configuration is:
- eth0
- vmbr0 with eth0 assigned to it
The configuration is:
iface eth0 inet manual
iface vmbr0 inet manual
The guest configuration is:
- VirtIO NIC attached to vmbr0, with MAC overridden using the same address as eth0
- Firewall: NO
- MAC Filter: NO
Running dhclient on eth0 or vmbr0 correctly discovers and assigns an IP address.
I also checked the traffic on both ends using tcpdump, and, interestingly, vmbr0 does see the DHCP requests coming from the VM, and the ISP does respond, but that response never reaches the VM, nor the tap interface corresponding to the VM that Proxmox assigned to the bridge.