[lxc-users] Containers have network issues when their host uses a bonded interface
Peter Steele
pwsteele at gmail.com
Mon Sep 28 12:23:56 UTC 2015
Here's an interesting data point: We noticed that our bond interface was
reporting a large number of dropped packets, particularly compared to
when we were using CentOS 6.5. As a test I decided to try out the new
"team" alternative to bonding that's offered by CentOS 7 and the dropped
packets virtually disappeared. Unfortunately, the original arp table
problem I reported in this thread reappeared, even though we're now
using the mainline 4.2 kernel. Apparently they fixed the bug for bonds
but the newer team feature is still susceptible.
Peter
On 09/11/2015 12:02 PM, Peter Steele wrote:
> On 09/10/2015 11:14 PM, Guido Jäkel wrote:
>> * Is even LXC not needed to reproduce the issue but just a bridge on
>> a bound and some other devices?
> I have not been able to reproduce the problem except between
> containers running on different hosts. Behavior is the same for lxc
> and libvirt-lxc.
>> * Did this issue appear if you use a higher MAC prefix than 64:...
>> for the veths?
> I did try this, using 54:C0:xx:xx:xx:xx for my mac addresses. It did
> not help.
>> May you dump the arp traffic (maybe together with icmp) on the host?
>> I'm interested in what happens in/around moment the gateway is pinged!
>>
>> On the bridge, did you set forward delay to 0, a low hello intervall
>> (e.g. 1s) and turn on STP?
>>
> I tried stp on and off, as well as setting a delay to 0 and sleep to
> 1. No luck.
>
> If I pre-populate everyone's arp tables, this solves the problem, but
> that's not a practical solution.
>
More information about the lxc-users
mailing list