[lxc-users] networking issue
Tamas Papp
tompos at martos.bme.hu
Wed Jan 29 13:17:18 UTC 2014
On 01/26/2014 10:09 PM, Tamas Papp wrote:
> hi All,
>
> The problem may not be LXC only but I don't what the keyword is to
> search for.
>
>
> Topology:
>
> ---- inet ---- 1.2.3.4 firewall (DNAT) 10.0.0.1/8 ---- 10.1.0.0/8 lxc1 +
> 10.2.0.0/8 lxc2
>
>
> On firewall:
>
> $ iptables -t nat -A PREROUTING -d 1.2.3.4 --dport smtp -j DNAT --to
> 10.1.0.2:25
>
>
> 10.1.0.1 and 10.1.0.2 are containers on lxc01.
> 10.2.0.2 is a container on lxc02.
>
>
> Test command:
> $ telnet 10.1.0.2 25
>
>
> It's failing from the 10.1.0.0/8 containers and lxc01.
> It's OK on containers on lxc02 (eg. 10.2.0.2).
>
>
> According to tcpdump packets reaching the iface 10.0.0.1 and they're gone.
> Changing proxy_arp and rp_filter on 10.0.0.1 iface doesn't help.
>
>
> Any idea?
>
More info I missed above:
lxc version is the latest from Ubuntu ppa, but if I remember correctly,
it was true for older releases as well.
Thanks,
tamas
More information about the lxc-users
mailing list