<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Dear all,<div class=""><br class=""></div><div class=""><div style="orphans: 2; text-align: -webkit-auto; widows: 2; font-variant-ligatures: normal; font-variant-east-asian: normal; font-variant-position: normal; line-height: normal; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">This is a follow up on my network instability problem.</div><div style="orphans: 2; text-align: -webkit-auto; widows: 2; font-variant-ligatures: normal; font-variant-east-asian: normal; font-variant-position: normal; line-height: normal; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Last friday, I moved my containers on a second server (identical in all aspects) configured with bridged networking instead of macvlan.</div></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2; font-variant-ligatures: normal; font-variant-east-asian: normal; font-variant-position: normal; line-height: normal; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Since then not one packet lost or refused.</div><div style="orphans: 2; text-align: -webkit-auto; widows: 2; font-variant-ligatures: normal; font-variant-east-asian: normal; font-variant-position: normal; line-height: normal; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><span style="text-align: -webkit-auto;" class="">It could be that our switches or router don’t react well to macvlan behaviour.</span></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2; font-variant-ligatures: normal; font-variant-east-asian: normal; font-variant-position: normal; line-height: normal; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Next week, I’ll switch the containers back to the first server, with the bridged network stack. </div><div class=""><br class="webkit-block-placeholder"></div><div class="">In case it can be of any use, I have included the netplan configuration (creates a vlan7br0 bridge on top of vlan n°7).</div><div class=""><br class=""></div><div class="">Cheers,</div><div class=""><br class=""></div><div class="">Michel</div><div class=""><br class=""></div><div class=""><br class=""></div><div class=""><br class="webkit-block-placeholder"></div><div class="">/etc/netplan/<span style="font-family: Monaco; font-size: 10px; background-color: rgb(255, 255, 255);" class="">01-netcfg.yaml</span><span style="font-family: Monaco; font-size: 10px; background-color: rgb(255, 255, 255);" class=""> </span></div><div class=""><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-variant-ligatures: normal; font-variant-east-asian: normal; font-variant-position: normal; line-height: normal; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">network:</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">  version: 2</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">  renderer: networkd</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">  ethernets:</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">    enp1s0f0: {} </span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">  bridges:</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">    vlan7br0:</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">      interfaces: [ vlan7 ]</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">      addresses: [ 10.24.0.2/24 ]</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">      gateway4: 10.24.0.1</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">      nameservers:</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">        addresses:</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">          - “10.24.1.5"</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">          - “10.24.1.6"</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">  vlans:</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">    vlan7:</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">      id: 7</span></div><div style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">      link: enp1s0f0</span></div><div class=""><span style="font-variant-ligatures: no-common-ligatures" class=""><br class=""></span></div><br class=""><br class=""></div>
</div>
<br class=""><div><blockquote type="cite" class=""><div class="">On 6 Jun 2018, at 21:08, Michel Jansens <<a href="mailto:michel.jansens@ulb.ac.be" class="">michel.jansens@ulb.ac.be</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><meta http-equiv="Content-Type" content="text/html charset=utf-8" class=""><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div class=""><div class="" style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">Hi,<div class=""><br class=""></div><div class="">I’m running on Ubuntu18.04 LXC 3.0.0.</div><div class=""><br class=""></div><div class="">I’ve created 5 debian9 containers with default eth0 networking on NAT:</div><div class=""><br class=""></div><div class=""><div class="" style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);"><span class="" style="font-variant-ligatures: no-common-ligatures;"># lxc network show lxdbr0</span></div><div class="" style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);"><span class="" style="font-variant-ligatures: no-common-ligatures;">config:</span></div><div class="" style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);"><span class="" style="font-variant-ligatures: no-common-ligatures;">  ipv4.address: 10.1.1.1/24</span></div><div class="" style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);"><span class="" style="font-variant-ligatures: no-common-ligatures;">  ipv4.dhcp.ranges: 10.1.1.2-10.1.1.99</span></div><div class="" style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);"><span class="" style="font-variant-ligatures: no-common-ligatures;">  ipv4.nat: "true"</span></div><div class="" style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);"><span class="" style="font-variant-ligatures: no-common-ligatures;">  ipv6.address: fd42:6f79:c120:7701::1/64</span></div><div class="" style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);"><span class="" style="font-variant-ligatures: no-common-ligatures;">  ipv6.nat: "true"</span></div><div class="" style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);"><span class="" style="font-variant-ligatures: no-common-ligatures;">description: Natted network 0</span></div><div class="" style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);"><span class="" style="font-variant-ligatures: no-common-ligatures;">name: lxdbr0</span></div><div class="" style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);"><span class="" style="font-variant-ligatures: no-common-ligatures;">type: bridge</span></div></div><div class="" style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);"><span class="" style="font-variant-ligatures: no-common-ligatures;"><br class=""></span></div><div class="" style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);"><span class="" style="font-family: Helvetica; font-size: 12px;">One of the containers (frontal) has an additional interface configured with:</span></div><div class="" style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);"><br class=""></div><div class="" style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);"><div class="" style="margin: 0px; line-height: normal;"><span class="" style="font-variant-ligatures: no-common-ligatures;"># lxc network attach vlan7 frontal</span></div><div class="" style="margin: 0px; line-height: normal;"><span class="" style="font-variant-ligatures: no-common-ligatures;"># lxc config show kspreprodfrontal</span></div></div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);">…</div><div class="" style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);"><div class="" style="margin: 0px; line-height: normal;"><span class="" style="font-variant-ligatures: no-common-ligatures;">devices:</span></div><div class="" style="margin: 0px; line-height: normal;"><span class="" style="font-variant-ligatures: no-common-ligatures;"><div class="" style="margin: 0px; line-height: normal;"><span class="" style="font-variant-ligatures: no-common-ligatures;">  vlan7:</span></div><div class="" style="margin: 0px; line-height: normal;"><span class="" style="font-variant-ligatures: no-common-ligatures;">    nictype: macvlan</span></div><div class="" style="margin: 0px; line-height: normal;"><span class="" style="font-variant-ligatures: no-common-ligatures;">    parent: vlan7</span></div><div class="" style="margin: 0px; line-height: normal;"><span class="" style="font-variant-ligatures: no-common-ligatures;">    type: nic</span></div></span></div></div><div class="" style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);"><span class="" style="font-family: Helvetica; font-size: 12px;"><br class=""></span></div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);"><span class="">vlan7 is a </span>flan with id: 7 configured in <span class="" style="font-family: Monaco; font-size: 10px;">/etc/netplan/01-netcfg.yaml</span><span class="" style="font-family: Monaco; font-size: 10px;"> </span></div><div class="" style="margin: 0px; font-size: 10px; line-height: normal; font-family: Monaco; background-color: rgb(255, 255, 255);"><div class="" style="margin: 0px; line-height: normal;"><span class="" style="font-variant-ligatures: no-common-ligatures;">... </span></div><div class="" style="margin: 0px; line-height: normal;"><span class="" style="font-variant-ligatures: no-common-ligatures;">vlans:</span></div><div class="" style="margin: 0px; line-height: normal;"><span class="" style="font-variant-ligatures: no-common-ligatures;">    vlan7:</span></div><div class="" style="margin: 0px; line-height: normal;"><span class="" style="font-variant-ligatures: no-common-ligatures;">      id: 7</span></div><div class="" style="margin: 0px; line-height: normal;"><span class="" style="font-variant-ligatures: no-common-ligatures;">      link: enp1s0f0</span></div><div class=""><span class="" style="font-variant-ligatures: no-common-ligatures;"><br class=""></span></div></div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);">I’ve changed the frontal host internal networking so that eth1 comes first and default route is going through eth1. </div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);">Everything works internal and external…except from time to time, the frontal starts refusing connexions from the outside for a few seconds (up to 50).</div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);">It looks like general networking because all ports suddenly stop working (connexion refused) </div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);">internally the frontal remains reachable</div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);">I’m running haproxy on ports 80 and 443, but also tried running apache2 on port 8082. All ports go down at the same time.</div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);"><br class=""></div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);"><div class="">I’ve now installed an Ubuntu (16.04) container and added the vlan7 network the same way.</div><div class="">It worked fine…for about an hour and stopped working again, but for good.</div><div class="">What is weird is that port 80 and 443 are refused but port 22 is working (maybe that’s the host ssh?).</div><div class=""><br class=""></div></div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);"><br class=""></div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);">Any idea?</div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);"><br class=""></div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);">Thanks for any suggestion.</div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);"><br class=""></div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);">Cheers,</div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);"><br class=""></div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);">Michel</div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);"><br class=""></div><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);">PS: Sorry for my previous post where I replied to another message and apparently messing with another thread... </div></div></div><div class=""><div class=""><div class="" style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div class="" style="margin: 0px; line-height: normal; background-color: rgb(255, 255, 255);"><br class=""></div></div></div></div></div>_______________________________________________<br class="">lxc-users mailing list<br class=""><a href="mailto:lxc-users@lists.linuxcontainers.org" class="">lxc-users@lists.linuxcontainers.org</a><br class="">http://lists.linuxcontainers.org/listinfo/lxc-users</div></blockquote></div><br class=""></body></html>