<div dir="ltr">We have noticed this problem too. We are on Ubuntu (trusty) and the veth interfaces do get left behind on the host bridge device (seemingly at random) after stopping ephemeral containers. We have tried to see if it was related to containers being started/shut down in parallel, or due to other causes but have been unable to identify the actual root cause.<div><br></div><div>We thought that perhaps it was related to this prior discussion (<span class=""><a href="https://lists.linuxcontainers.org/pipermail/lxc-devel/2015-September/012195.html">https://lists.linuxcontainers.org/pipermail/lxc-devel/2015-September/012195.html</a>)</span> and the associated fix (<span class=""><a href="https://lists.linuxcontainers.org/pipermail/lxc-devel/2015-September/012197.html">https://lists.linuxcontainers.org/pipermail/lxc-devel/2015-September/012197.html</a>)</span></div><div><span class=""><br></span></div><div><span class="">We have not had a chance to try them out though.</span></div><div>
<p class=""><span class=""></span><br></p>
<p class=""><br></p></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Feb 19, 2016 at 12:05 PM, Bostjan Skufca <span dir="ltr"><<a href="mailto:bostjan@a2o.si" target="_blank">bostjan@a2o.si</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>Tnx for insight Guido.</div><div><br></div><div>But this "bug" only happens on RH-based hosts, or not?</div><div><br></div><div>It might be that it is happening on others too and I am not noticing it as devices detach from bridges and do not interfere with active networking.</div><div><br></div><div>If this is common case, then maybe LXC itself should rename stale interface to ORIGNAME.stale.$RANDOM or something, in order to avoid problems with fixed interface names.</div><div><br></div><div>For me, the question to look into is why devices not not detach from bridge, not why do they not disappear altogether.</div><span class="HOEnZb"><font color="#888888"><div><br></div><div>b.</div><div><br></div></font></span></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On 19 February 2016 at 20:33, Guido Jäkel <span dir="ltr"><<a href="mailto:G.Jaekel@dnb.de" target="_blank">G.Jaekel@dnb.de</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Dear Bostjan<br>
<br>
The veth will not disappear after shutdown of the container until all pending TCP connections through this veth-pair are timed out (CLOSE/FIN-WAIT). Sometimes, i even can't delete it on the host. And because, i name the host-side of each veth to the name of the container, i have to get rid of it to start the Container again. I use<br>
<br>
ip link set dev $DEV name away.$RANDOM<br>
<br>
to archive this<br>
<br>
Guido<br>
<br>
<br>
<br>
<br>
On 19.02.2016 17:08, Bostjan Skufca wrote:<br>
> Does it delete both interfaces, the one in host's namespace which is added<br>
> to bridge (vethX) and the one in container's namespace (appears as ethX in<br>
> there) too?<br>
><br>
> b.<br>
><br>
><br>
> On 19 February 2016 at 11:58, Fajar A. Nugraha <<a href="mailto:list@fajar.net" target="_blank">list@fajar.net</a>> wrote:<br>
><br>
>> On Fri, Feb 19, 2016 at 5:41 PM, Bostjan Skufca <<a href="mailto:bostjan@a2o.si" target="_blank">bostjan@a2o.si</a>> wrote:<br>
>><br>
>>> I had similar experience using CentOS 7 as host.<br>
>>><br>
>>> I did not investigate it yet, but for some reason veth network interfaces<br>
>>> were not being destroyed when containers stopped, and this could only be<br>
>>> seen with "brctl show" as more interfaces were attached to a bridge than<br>
>>> there were containers running. The effect was that multiple network<br>
>>> interfaces with the same MAC were attached to the bridge and successful<br>
>>> connections were, well, sporadic.<br>
>>><br>
>>> On the first inspection it only happened to some containers that had<br>
>>> explicit mounts from outside (unconfirmed!, just a hunch for now).<br>
>>><br>
>>><br>
>><br>
>> I use a workaround:<br>
>><br>
>> # ls -la /etc/lxc/script/net-down<br>
>> -rwxr-xr-x 1 197623 197121 36 Apr 27 2015 /etc/lxc/script/net-down<br>
>><br>
>><br>
>> # cat /etc/lxc/script/net-down<br>
>> #!/bin/bash<br>
>> /sbin/ip link del "$5"<br>
>><br>
>><br>
>> # grep script /var/lib/lxc/rdp/config<br>
>> lxc.network.script.down = /etc/lxc/script/net-down<br>
>><br>
>><br>
>> The correct interface name is passed as argument to script executed<br>
>> by lxc.network.script.down.<br>
>><br>
>> --<br>
>> Fajar<br>
>><br>
>><br>
>> _______________________________________________<br>
>> lxc-users mailing list<br>
>> <a href="mailto:lxc-users@lists.linuxcontainers.org" target="_blank">lxc-users@lists.linuxcontainers.org</a><br>
>> <a href="http://lists.linuxcontainers.org/listinfo/lxc-users" rel="noreferrer" target="_blank">http://lists.linuxcontainers.org/listinfo/lxc-users</a><br>
>><br>
><br>
><br>
><br>
> _______________________________________________<br>
> lxc-users mailing list<br>
> <a href="mailto:lxc-users@lists.linuxcontainers.org" target="_blank">lxc-users@lists.linuxcontainers.org</a><br>
> <a href="http://lists.linuxcontainers.org/listinfo/lxc-users" rel="noreferrer" target="_blank">http://lists.linuxcontainers.org/listinfo/lxc-users</a><br>
><br>
<br>
_______________________________________________<br>
lxc-users mailing list<br>
<a href="mailto:lxc-users@lists.linuxcontainers.org" target="_blank">lxc-users@lists.linuxcontainers.org</a><br>
<a href="http://lists.linuxcontainers.org/listinfo/lxc-users" rel="noreferrer" target="_blank">http://lists.linuxcontainers.org/listinfo/lxc-users</a></blockquote></div><br></div>
</div></div><br>_______________________________________________<br>
lxc-users mailing list<br>
<a href="mailto:lxc-users@lists.linuxcontainers.org">lxc-users@lists.linuxcontainers.org</a><br>
<a href="http://lists.linuxcontainers.org/listinfo/lxc-users" rel="noreferrer" target="_blank">http://lists.linuxcontainers.org/listinfo/lxc-users</a><br></blockquote></div><br></div>