<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"DejaVu Sans";
panose-1:2 11 6 3 3 8 4 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.apple-converted-space
{mso-style-name:apple-converted-space;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:"Courier New";}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal>I posted this on the Ubuntu forums, but realized that this might be the more appropriate place to post it.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"DejaVu Sans","sans-serif";color:black;background:#EBECE4'>I'm getting very unpredictable results from an environment I have set up for LXC. </span><span style='font-size:10.0pt;font-family:"DejaVu Sans","sans-serif";color:black'><br><br><span style='background:#EBECE4'>I run windows 7 on my laptop, where I run a virtual box instance of ubuntu 12.10 server. </span><br><br><span style='background:#EBECE4'>Virtualbox is set up to use NAT on network 10.1.x.x/16, default gateway of 10.1.0.2 (these IPs match the IPs that these containers will use on production hardware later). This works fine, both the Host OS can access the internet and containers (sometimes) can. So configuration is good.</span><br><br><span style='background:#EBECE4'>But sometimes a container OS won't be able to access the internet.</span><br><br><span style='background:#EBECE4'>I've configure br0 on the host OS to bridge between the container OSs and the Hosts eth0 (static IP configured on the host, <b>not</b> using lxcbr0 for NAT). </span><br><br><span style='background:#EBECE4'>Yesterday I had a case where the container couldn't access the internet. I could ping the host OS, but pinging the router at 10.1.0.2 failed. When I did a tcpdump on the host OS I could see ICMP packets from the container and the response from the router, but I didn't get that on the container. A full reboot of my laptop fixed the problem (arrrrggggg!!!)</span><br><br><span style='background:#EBECE4'>I'm working with a container today that works fine, networking is working. But when I cloned that container and set the new container to an IP of 10.1.0.45 (the original being 10.1.0.4) that one can't access the router. Pinging the host OS works, pinging other containers work, but I cannot ping the default gateway. Again, tcpdump on the host shows me the traffic to and from the router, but the container doesn't get it.</span><br><br></span><span style='font-size:12.0pt;font-family:"Times New Roman","serif"'><o:p></o:p></span></p><p class=MsoNormal style='line-height:11.25pt;background:#EBECE4'><span style='font-size:10.0pt;font-family:"DejaVu Sans","sans-serif";color:black'>Code:<o:p></o:p></span></p><div style='mso-element:para-border-div;border:inset 1.0pt;padding:5.0pt 5.0pt 5.0pt 5.0pt;background:#EFEFEF'><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'>davidparks21@hostOS:~$ sudo tcpdump icmp<o:p></o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'>tcpdump: WARNING: eth0: no IPv4 address assigned<o:p></o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'>tcpdump: verbose output suppressed, use -v or -vv for full protocol decode<o:p></o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'>listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes<o:p></o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'>11:56:44.356877 IP 10.1.0.45 > 10.1.0.2: ICMP echo request, id 336, seq 46, length 64<o:p></o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'>11:56:44.357964 IP 10.1.0.2 > 10.1.0.45: ICMP echo reply, id 336, seq 46, length 64<o:p></o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'>11:56:45.356940 IP 10.1.0.45 > 10.1.0.2: ICMP echo request, id 336, seq 47, length 64<o:p></o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'>11:56:45.357718 IP 10.1.0.2 > 10.1.0.45: ICMP echo reply, id 336, seq 47, length 64<o:p></o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'><o:p> </o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'><o:p> </o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'>davidparks21@hostOS:~$ arp -a<o:p></o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'>? (10.1.0.4) at c6:63:bb:a7:d8:60 [ether] on br0<o:p></o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'>? (10.1.0.2) at 52:54:00:12:35:02 [ether] on br0<o:p></o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'>? (10.1.0.45) at 32:8c:fc:c1:7f:e5 [ether] on br0<o:p></o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'><o:p> </o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'><o:p> </o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'>davidparks21@hostOS:~$ brctl show<o:p></o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'>bridge name bridge id STP enabled interfaces<o:p></o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'>br0 8000.080027ca5f7a no eth0<o:p></o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'> vethB864oI<o:p></o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'> vethQ2kfp9<o:p></o:p></span></p><p class=MsoNormal style='line-height:10.5pt;background:#EFEFEF;border:none;padding:0in'><span style='font-size:10.5pt;font-family:"Courier New";color:black'> vethYHH03A<o:p></o:p></span></p></div><p class=MsoNormal><span style='font-size:10.0pt;font-family:"DejaVu Sans","sans-serif";color:black;background:#EBECE4'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"DejaVu Sans","sans-serif";color:black;background:#EBECE4'>I'm starting to think "bug" here... I shouldn't possibly be able to see the traffic cross to and from the host OS and not see it in the container.</span><span style='font-size:10.0pt;font-family:"DejaVu Sans","sans-serif";color:black'><br><br><span style='background:#EBECE4'>I know the configuration works because this configuration works "sometimes" but not others.</span></span><o:p></o:p></p></div></body></html>