<div dir="ltr"><div class="" itemprop="text" style="margin:0px 0px 5px;padding:0px;border:0px;font-size:15px;width:660px;word-wrap:break-word;line-height:1.3;color:rgb(34,36,38);font-family:Arial,'Helvetica Neue',Helvetica,sans-serif"><p style="margin:0px 0px 1em;padding:0px;border:0px;clear:both">I am experiencing connection issues inside a LXC that are driving me mad. They are intermitent. They appear during some time, and they suddenly disappear.</p><h1 style="margin:0px 0px 0.5em;padding:0px;border:0px;font-size:21px;line-height:1.3;word-wrap:break-word">Scenario</h1><p style="margin:0px 0px 1em;padding:0px;border:0px;clear:both">A lxc inside a host. Both are running Debian GNU/Linux 8.3 In the lxc there is an installation of Piwik (open source PHP software for stats, with apache, mysql) and an ssh server. The lxc apache is reachable through an nginx proxy in the host</p><p style="margin:0px 0px 1em;padding:0px;border:0px;clear:both">The lxc config:</p><pre style="margin-top:0px;padding:5px;border:0px;font-size:13px;overflow:auto;width:auto;max-height:600px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;word-wrap:normal;background-color:rgb(238,238,238)"><code style="margin:0px;padding:0px;border:0px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;white-space:inherit">lxc.tty = 6
lxc.pts = 1024
lxc.rootfs = /var/lib/lxc/hammond/rootfs
lxc.cgroup.devices.deny = a
# /dev/null and zero
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm
# consoles
lxc.cgroup.devices.allow = c 5:1 rwm
lxc.cgroup.devices.allow = c 5:0 rwm
lxc.cgroup.devices.allow = c 4:0 rwm
lxc.cgroup.devices.allow = c 4:1 rwm
# /dev/{,u}random
lxc.cgroup.devices.allow = c 1:9 rwm
lxc.cgroup.devices.allow = c 1:8 rwm
lxc.cgroup.devices.allow = c 136:* rwm
lxc.cgroup.devices.allow = c 5:2 rwm
# rtc
lxc.cgroup.devices.allow = c 254:0 rwm

# mounts point
lxc.mount.entry=proc /var/lib/lxc/hammond/rootfs/proc proc nodev,noexec,nosuid 0 0
lxc.mount.entry=devpts /var/lib/lxc/hammond/rootfs/dev/pts devpts defaults 0 0
lxc.mount.entry=sysfs /var/lib/lxc/hammond/rootfs/sys sysfs defaults  0 0

# networking
lxc.utsname = hammond
lxc.network.type = veth
#lxc.network.macvlan.mode = private
lxc.network.flags = up
lxc.network.link = br-hammond
lxc.network.ipv4 = <a href="http://192.168.100.2/24">192.168.100.2/24</a>
lxc.network.ipv4.gateway = 192.168.100.1
lxc.network.hwaddr = 00:1E:10:C1:6B:C9

lxc.start.auto = 1

# <a href="http://serverfault.com/questions/658052/systemd-journal-in-debian-jessie-lxc-container-eats-100-cpu">http://serverfault.com/questions/658052/systemd-journal-in-debian-jessie-lxc-container-eats-100-cpu</a>
lxc.autodev = 1
lxc.kmsg = 0
</code></pre><h1 style="margin:0px 0px 0.5em;padding:0px;border:0px;font-size:21px;line-height:1.3;word-wrap:break-word">Issues:</h1><h2 style="margin:0px 0px 0.5em;padding:0px;border:0px;font-size:19px;line-height:1.3;font-weight:400;word-wrap:break-word">1. Cannot connect to local database</h2><p style="margin:0px 0px 1em;padding:0px;border:0px;clear:both">Suddenly, Piwik reports:</p><blockquote style="margin:0px 0px 10px;padding:10px;border-width:0px 0px 0px 2px;border-left-style:solid;border-left-color:rgb(255,235,142);quotes:none;background-color:rgb(255,248,220)"><p style="margin:0px;padding:0px;border:0px;clear:both">SQLSTATE[HY000] [2003] Can't connect to MySQL server on '127.0.0.1' (111)</p></blockquote><p style="margin:0px 0px 1em;padding:0px;border:0px;clear:both">The database is running, of course.</p><ul style="margin:0px 0px 1em 30px;padding:0px;border:0px"><li style="margin:0px 0px 0.5em;padding:0px;border:0px;word-wrap:break-word">If I telnet from inside the lxc (<a href="http://127.0.0.1:3306">127.0.0.1:3306</a>), I can connect to the database</li><li style="margin:0px 0px 0.5em;padding:0px;border:0px;word-wrap:break-word">If I telnet the apache from inside the lxc (<a href="http://127.0.0.1:80">127.0.0.1:80</a>), Piwik works fine. It connects to the database, renders the page as usual and doesn't report any error.</li><li style="margin:0px;padding:0px;border:0px;word-wrap:break-word">If I telnet the apache from the host (<a href="http://192.168.100.2:80">192.168.100.2:80</a>), Piwik reports the database error.</li></ul><h2 style="margin:0px 0px 0.5em;padding:0px;border:0px;font-size:19px;line-height:1.3;font-weight:400;word-wrap:break-word">2. SSH freezes</h2><p style="margin:0px 0px 1em;padding:0px;border:0px;clear:both">I am tunneling the ssh connection to the lxc using <code style="margin:0px;padding:1px 5px;border:0px;font-size:13px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;white-space:pre-wrap;background-color:rgb(238,238,238)">ProxyCommand</code></p><pre style="margin-top:0px;padding:5px;border:0px;font-size:13px;overflow:auto;width:auto;max-height:600px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;word-wrap:normal;background-color:rgb(238,238,238)"><code style="margin:0px;padding:0px;border:0px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;white-space:inherit">ProxyCommand ssh -q host nc -q0 192.168.100.2 22
</code></pre><p style="margin:0px 0px 1em;padding:0px;border:0px;clear:both">After the ssh negotiation phase, the connection freezes. If I type keys, they don't show up in the console. Finally, the connection timeouts with</p><blockquote style="margin:0px 0px 10px;padding:10px;border-width:0px 0px 0px 2px;border-left-style:solid;border-left-color:rgb(255,235,142);quotes:none;background-color:rgb(255,248,220)"><p style="margin:0px;padding:0px;border:0px;clear:both">packet_write_wait: Connection to UNKNOWN: Broken pipe</p></blockquote><p style="margin:0px 0px 1em;padding:0px;border:0px;clear:both">I have sniffed the packets with tcpdump and ssh key exchanges goes fine. Then, the traffic stops after 0.5 seconds</p><p style="margin:0px 0px 1em;padding:0px;border:0px;clear:both">I think this is a bug in last Debian kernel updates. It used to work fine, but I am experiencing these problems since a few weeks ago. As I mention, they are intermittent. Suddenly, everything goes fine.</p><p style="margin:0px 0px 1em;padding:0px;border:0px;clear:both">Suggestions on how to investigate further are welcomed</p><div><br></div></div></div>