[lxc-users] lxd host can not access container via domain

Fajar A. Nugraha list at fajar.net
Sun Sep 3 15:45:32 UTC 2017


On Sat, Sep 2, 2017 at 9:02 AM, Benjamin Asbach <lxd at impl.it> wrote:
> Hi there,
>
> I've some problems with connecting to my containers via my public domain
> from the host itself. I'm using bridged network by lxc network. The setup
> looks like this
>
> remote -> domain.com -> host -> container1 (nginx) -> container2 (app)
>
> When I curl from a remote location this works quite fine:
>
> curl https://sub.domain.com
> <html></html>%
>
> But when I'm doing the same from the host itself:
>
> curl https://sub.domain.com
> curl: (7) Failed to connect to sub.domain.com port 443: Connection refused
>
> I'm a little bit confused why this happens.

So you perform NAT on the host, and test the NAT (by accessing
'sub.domain.com', which is the host's IP address)? That won't work.
That's exactly how iptables would behave. It's general iptables issue,
not lxc issue.

https://unix.stackexchange.com/questions/113521/iptables-redirect-local-request-with-nat#answer-113651
says it's possible (using OUTPUT), but I've never tested it though.

-- 
Fajar


More information about the lxc-users mailing list