<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Hi,<div class=""><br class=""></div><div class="">I’m running on Ubuntu18.04 LXC 3.0.0.</div><div class=""><br class=""></div><div class="">I’ve created 5 debian9 containers with default eth0 networking on NAT:</div><div class=""><br class=""></div><div class=""><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class=""># lxc network show lxdbr0</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">config:</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">  ipv4.address: 10.1.1.1/24</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">  ipv4.dhcp.ranges: 10.1.1.2-10.1.1.99</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">  ipv4.nat: "true"</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">  ipv6.address: fd42:6f79:c120:7701::1/64</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">  ipv6.nat: "true"</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">description: Natted network 0</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">name: lxdbr0</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">type: bridge</span></div></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class=""><br class=""></span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-family: Helvetica; font-size: 12px;" class="">One of the containers (frontal) has an additional interface configured with:</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><br class=""></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><div style="margin: 0px; line-height: normal;" class=""><span style="font-variant-ligatures: no-common-ligatures" class=""># lxc network attach vlan7 frontal</span></div><div style="margin: 0px; line-height: normal;" class=""><span style="font-variant-ligatures: no-common-ligatures" class=""># lxc config show kspreprodfrontal</span></div></div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class="">…</div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><div style="margin: 0px; line-height: normal;" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">devices:</span></div><div style="margin: 0px; line-height: normal;" class=""><span style="font-variant-ligatures: no-common-ligatures" class=""><div style="margin: 0px; line-height: normal;" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">  vlan7:</span></div><div style="margin: 0px; line-height: normal;" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">    nictype: macvlan</span></div><div style="margin: 0px; line-height: normal;" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">    parent: vlan7</span></div><div style="margin: 0px; line-height: normal;" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">    type: nic</span></div></span></div></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-family: Helvetica; font-size: 12px;" class=""><br class=""></span></div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class=""><span style="font-family: Helvetica; font-size: 12px;" class="">vlan7 is a </span>flan with id: 7 configured in <span style="font-family: Monaco; font-size: 10px;" class="">/etc/netplan/01-netcfg.yaml</span><span style="font-family: Monaco; font-size: 10px;" class=""> </span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><div style="margin: 0px; line-height: normal;" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">... </span></div><div style="margin: 0px; line-height: normal;" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">vlans:</span></div><div style="margin: 0px; line-height: normal;" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">    vlan7:</span></div><div style="margin: 0px; line-height: normal;" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">      id: 7</span></div><div style="margin: 0px; line-height: normal;" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">      link: enp1s0f0</span></div><div class=""><span style="font-variant-ligatures: no-common-ligatures" class=""><br class=""></span></div></div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class="">I’ve changed the frontal host internal networking so that eth1 comes first and default route is going through eth1. </div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class="">Everything works internal and external…except from time to time, the frontal starts refusing connexions from the outside for a few seconds (up to 50).</div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class="">It looks like general networking because all ports suddenly stop working (connexion refused) </div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class="">internally the frontal remains reachable</div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class="">I’m running haproxy on ports 80 and 443, but also tried running apache2 on port 8082. All ports go down at the same time.</div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class=""><br class=""></div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class=""><br class=""></div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class="">Any idea?</div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class=""><br class=""></div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class="">Thanks for any suggestion.</div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class=""><br class=""></div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class="">Cheers,</div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class=""><br class=""></div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class="">Michel</div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class=""><br class=""></div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class=""><br class=""></div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class=""><br class=""></div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class=""><br class=""></div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class=""><br class=""></div><div style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);" class=""><br class=""></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-family: Helvetica; font-size: 12px;" class=""><br class=""></span></div><div class=""><span style="font-variant-ligatures: no-common-ligatures" class=""><br class=""></span></div></body></html>