[Lxc-users] [Network] ioctl on socket fails in container
Daniel Lezcano
daniel.lezcano at free.fr
Wed Apr 14 11:13:43 UTC 2010
stephane.riviere at regis-dgac.net wrote:
> Hi,
>
> I'm using LXC to run Perl scripts that generate network traffic, using the
> Net::RawIP package.
> The scripts work perfectly well on a "real" host, but fail inside an LXC
> container.
>
> After a few hours of testing/debugging, the origin of the problem is that
> some basic ioctl calls on the socket fail.
>
> Net::RawIP relies on SIOCGIFADDR and SIOCGIFHWADDR to get the IP and MAC
> addresses of the network interface.
>
> My container has 2 interfaces: 1 macvlan (normally used to generate
> traffic) and 1 bridged (to dialogue with the host and the other
> containers).
>
> In the container, these ioctl calls fail with an "Invalid argument" on
> every interface, including the loopback.
>
>
> I've extracted the failing code from Net::RawIP to have a simple test
> program (code at the end of the message).
> It just creates a socket and does the 2 ioctl calls on it.
>
> My LXC configuration is based on the article of Stéphane Graber
> (http://www.stgraber.org/category/lxc):
>
> - host : Ubuntu 9.10 Desktop (2.6.31 kernel)
> - containers : Ubuntu 8.04
>
>
> I really don't know what's wrong, because ifconfig relies on the same
> basic call to get interface information...
>
> If anyone has any idea, I would greatly appreciate it :-)
>
Good report, thanks! I was able to reproduce it.

The problem is coming from the kernel; the following lines are still
there in the file net/packet/af_packet.c,

    [ ... ]
    if (!net_eq(sock_net(sk), &init_net))
            return -ENOIOCTLCMD;
    [ ... ]

in the packet_ioctl function. They shouldn't be. These lines mean the
af_packet is not namespace aware, but I think this has no longer been the
case for a long time now... I assume just removing these two lines will
fix the problem.

Thanks
-- Daniel