[lxc-users] systemd-networkd restart leaves old routes intact
Kees Bakker
keesb at ghs.com
Mon Mar 2 12:52:05 UTC 2020
Hey,
We have containers running Ubuntu 18.04 and netplan and systemd-networkd. The network
device is bridged on the LXD host so that the container is basically part of our local network.
The network device of the container gets its address from DHCP.
Each time systemd-networkd is restarted in the container it gets a new IP address. And
not only that, the old IP address and the old routes have not been deleted.
To give an example, this is what I start with:
root@mindmap:~# ip addr show dev eth0 scope global
35: eth0@if36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:16:3e:e2:3a:9a brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.16.16.161/22 brd 172.16.19.255 scope global dynamic eth0
       valid_lft 5911sec preferred_lft 5911sec
root@mindmap:~# ip route
default via 172.16.16.1 dev eth0 proto dhcp src 172.16.16.161 metric 100
172.16.16.0/22 dev eth0 proto kernel scope link src 172.16.16.161
172.16.16.1 dev eth0 proto dhcp scope link src 172.16.16.161 metric 100
Then after a restart of systemd-networkd
root@mindmap:~# ip addr show dev eth0 scope global
35: eth0@if36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:16:3e:e2:3a:9a brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.16.16.161/22 brd 172.16.19.255 scope global dynamic eth0
       valid_lft 5829sec preferred_lft 5829sec
    inet 172.16.16.139/22 brd 172.16.19.255 scope global secondary dynamic eth0
       valid_lft 7200sec preferred_lft 7200sec
root@mindmap:~# ip route
default via 172.16.16.1 dev eth0 proto dhcp src 172.16.16.161 metric 100
default via 172.16.16.1 dev eth0 proto dhcp src 172.16.16.139 metric 100
172.16.16.0/22 dev eth0 proto kernel scope link src 172.16.16.161
172.16.16.1 dev eth0 proto dhcp scope link src 172.16.16.161 metric 100
172.16.16.1 dev eth0 proto dhcp scope link src 172.16.16.139 metric 100
I realize that this could be a systemd issue, however I only see the problem in an LXC container.
So far I haven't been able to reproduce this problem on a normal (non-LXC)
system, or in VirtualBox.
BTW, in the captured network packets I see something strange. When the DHCP
sees the DISCOVER it pings the "old" IP address, and it gets an answer from the
container. Well, it shouldn't get an answer.
--
Kees Bakker
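
A check for the state shown in the message above, as an added example that is not part of the original post: it parses `ip addr` and `ip route` text (the post-restart output from the message, embedded) and reports dynamic addresses and DHCP routes left over from an older lease. Treating the lease with the most remaining valid_lft as the current one is an assumption of this example, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Post-restart output copied from the message above.
IP_ADDR = """\
35: eth0@if36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:16:3e:e2:3a:9a brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.16.16.161/22 brd 172.16.19.255 scope global dynamic eth0
       valid_lft 5829sec preferred_lft 5829sec
    inet 172.16.16.139/22 brd 172.16.19.255 scope global secondary dynamic eth0
       valid_lft 7200sec preferred_lft 7200sec
"""
IP_ROUTE = """\
default via 172.16.16.1 dev eth0 proto dhcp src 172.16.16.161 metric 100
default via 172.16.16.1 dev eth0 proto dhcp src 172.16.16.139 metric 100
172.16.16.0/22 dev eth0 proto kernel scope link src 172.16.16.161
172.16.16.1 dev eth0 proto dhcp scope link src 172.16.16.161 metric 100
172.16.16.1 dev eth0 proto dhcp scope link src 172.16.16.139 metric 100
"""

def stale_leases(ip_addr_text):
    """Return {ifname: [older dynamic IPv4 addresses]} for interfaces holding more than one."""
    leases, current = defaultdict(list), None
    for line in ip_addr_text.splitlines():
        w = line.split()
        if w[:1] == ["inet"]:
            # Last word is the interface label; remember only DHCP ("dynamic") addresses.
            current = (w[-1], w[1].split("/")[0]) if "dynamic" in w else None
        elif w[:1] == ["valid_lft"] and current:
            m = re.fullmatch(r"(\d+)sec", w[1])
            if m:
                leases[current[0]].append((int(m.group(1)), current[1]))
            current = None
    # Assumption: the lease with the most remaining lifetime is the current one.
    return {ifname: [addr for _, addr in sorted(items)[:-1]]
            for ifname, items in leases.items() if len(items) > 1}

def stale_routes(ip_route_text, stale):
    """Return proto-dhcp routes whose src is one of the stale addresses."""
    old = {addr for addrs in stale.values() for addr in addrs}
    hits = []
    for line in ip_route_text.splitlines():
        w = line.split()
        if "proto" in w and "src" in w:
            if w[w.index("proto") + 1] == "dhcp" and w[w.index("src") + 1] in old:
                hits.append(line)
    return hits

if __name__ == "__main__":
    stale = stale_leases(IP_ADDR)
    print("stale addresses:", stale)
    print("\n".join(stale_routes(IP_ROUTE, stale)))
```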