[Lxc-users] veth interface not deleted?

Jäkel, Guido G.Jaekel at dnb.de
Tue Oct 1 09:16:09 UTC 2013


>Would injecting tcp rst really be necessary? In my test, doing "ip link del" on the host side of the interface ALWAYS succeed, no matter
>what the state the guest container's interface is.
>
>Serge, do you have the particular commit ids for "lxc.network.script.down" support? Backporting that would probably be the best step for
>me to try.

Dear Fajar, Dear Serge,

With my setup i found that on a test machine tcpdump detects a RST packet from the container (for an open, idle ssh connection to the containers sshd) only if the network interface of the container is *not* brought down at shutdown. Obviously, in that moment the ssh-client exists immediately with a "Connection to <container> closed by remote host". And I did not observe any "undeleted" veth's

If the interface is closed as usual, nothing happens at the test machine. Here the veth stay alive on the lxc-host. I'm able to remove the interface using 'ip link del dev <veth>'. This will allow to startup the container again using the same veth name (; i name it fixed by the container name). But in spite of this action, the ssh connection stay alive.

At the moment I don’t' have an idea where the "friendly" RST comes from. But it will terminate the tcp connections and therefore, the veth vanish at once.

Guido




More information about the lxc-users mailing list