Public bug reported:
Starting configuration. Ubuntu 20.04, Qemu (repository version), also
the latest Docker snap.
Actions: Upgrade to Ubuntu 20.10. Qemu and Docker will have been
upgraded too, I assume.
Result: The system is fine. However, when I start a Qemu client, it can
no longer access the Internet (via the host machine).
Investigation: The network is fine. Clients can access the host.
Everything checked out. I suspected that there were issues with the
iptables.
I discovered that Ubuntu 20.10 had been switched to using nftables
rather than the legacy iptables. There are now two iptables command
variants - 'iptables-nft' (aliased to 'iptables') and 'iptables-legacy'.
Investigation using 'iptables-legacy' showed a rule on the FORWARD chain
which dropped all packets. The rule was added by the Docker snap.
I replaced the iptables legacy DROP rule with an ACCEPT rule and the
clients were able to access the Internet again. This confirmed the cause
of the issue.
I disabled the Docker snap package and rebooted and the legacy rules
were not created and the clients could access the Internet via the host.
Conclusion: The Canonical supplied Docker snap is creating the iptables
rules using the legacy command, and not the nft version of the command.
This is causing the issue with the Qemu client.
** Affects: docker (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1903420
Title:
Qemu clients lose Internet access on upgrade to Groovy Gorilla
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/docker/+bug/1903420/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
