[lxc-users] Networking issue
Janjaap Bos
janjaapbos at gmail.com
Wed Nov 9 07:22:49 UTC 2016
Downgrade the kernel to verify your guess, as the other feedback you got
also points to the kernel. If that solves it, go file a kernel bug.
2016-11-09 7:33 GMT+01:00 Saint Michael <venefax at gmail.com>:
> It was working fine until a week ago.
> I have two sites, it happened on both, so the issue is not on my router or
> my switch, since they are different sites and we did not upgrade anything.
> Ubuntu 16.04.1 LTS (GNU/Linux 4.4.0-45-generic x86_64)
> LXC installed from apt-get install lxc1
> iptables off in both hosts and containers. I protect my network at the
> perimeter.
>
> All my container networking is defined
>
> lxc.network.type=macvlan
> lxc.network.macvlan.mode=bridge
> lxc.network.link=eth1
> lxc.network.name = eth0
> lxc.network.flags=up
> lxc.network.hwaddr = XX:XX:XX:XX:XX:XX
> lxc.network.ipv4 = 0.0.0.0/24
>
> Now suppose I have a machine, not a container, in the same broadcast
> domain as the containers, same subnet.
> It cannot ping or ssh into a container, which is accessible from outside
> my network.
> However, from inside the container the packets come and go perfectly, when
> the connection is originated by the container.
> A container can ping that host I mentioned, but the host cannot ping back
> the container.
> It all started a few days ago.
> Also, from the host, this test works
> arping -I eth0 (container IP address)
> it shows that we share the same broadcast domain.
>
> My guess is that the most recent kernel update in the LXC host, is
> blocking the communication to the containers, but it allows connections
> from the containers or connections from IP addresses not on the same
> broadcast domain.
> Any idea?
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20161109/e701615d/attachment.html>
More information about the lxc-users
mailing list