[Lxc-users] IPv4 container in a non-IPv4 main system ?
Fajar A. Nugraha
list at fajar.net
Tue Jun 12 05:38:27 UTC 2012
On Tue, Jun 12, 2012 at 12:23 PM, Sébastien Montagne
<sebastien.montagne at gmail.com> wrote:
>
> It seems that ARP reply is not seen in guest's eth0...
Well, fix that :)
> Guest netstat -nr :
>
> # netstat -nr
> Kernel IP routing table
> Destination Gateway Genmask Flags MSS Window irtt
> Iface
> 91.121.99.0 0.0.0.0 255.255.255.0 U 0 0 0
> eth0
>
>
> Running route add -host 91.121.99.254 eth0
You shouldn't need to execute that command. Ever.
>
> Running route del -net 91.121.99.0/24 gw 0.0.0.0 eth0
... and neither does that command. Ever.
> Guest tcpdump -n -i eth0 host 91.121.99.254 :
> # tcpdump -n -i eth0 host 91.121.99.254
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
> 07:13:35.725768 ARP, Request who-has 91.121.99.254 tell 91.121.99.167,
> length 28
> 07:13:36.741762 ARP, Request who-has 91.121.99.254 tell 91.121.99.167,
> length 28
>
> Host tcpdump -n -i br0 host 91.121.99.254 :
> # tcpdump -n -i br0 host 91.121.99.254
> tcpdump: WARNING: br0: no IPv4 address assigned
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on br0, link-type EN10MB (Ethernet), capture size 65535 bytes
> 07:15:09.221773 ARP, Request who-has 91.121.99.254 tell 91.121.99.167,
> length 28
> 07:15:09.222176 ARP, Reply 91.121.99.254 is-at 00:00:0c:07:ac:01, length 46
Try tcpdump on your container's veth interface on host side (from your
example, it was vethZkMxv3). This can help isolate whether the problem
is in the host (e.g. host firewall) or veth pair (unlikely, but worth
to try). Also:
- disable firewall (e.g. iptables) in the host temporarily, if active
- try simple setup first, with IPv4 in both host and guest
- make sure the switch/router your server connected to supports
multiple MAC on the same port
If you're using a hosted server, the last one might be the source of
problem as many provider doesn't allow that.
--
Fajar
More information about the lxc-users
mailing list