I ran tcpdump this morning wide open (when I ran it for port 67 and port 68 there was zero traffic detected when starting the lxc container nsa2). When I ran tcpdump wide open I got the following traffic detected when the lxc container starts. I again tried turning off firewalld completely and this is still what I get as shown below. Wondering what is going on here?
[ubuntu@f33sv1 ~]$ sudo tcpdump -i lxcbr0 -vvv dropped privs to tcpdump tcpdump: listening on lxcbr0, link-type EN10MB (Ethernet), capture size 262144 bytes 08:34:39.305449 IP (tos 0xc0, ttl 1, id 0, offset 0, flags [DF], proto IGMP (2), length 40, options (RA)) f33sv1 > igmp.mcast.net: igmp v3 report, 1 group record(s) [gaddr 224.0.0.252 to_ex { }] 08:34:39.305469 IP6 (hlim 1, next-header Options (0) payload length: 76) f33sv1 > ff02::16: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6, multicast listener report v2, 3 group record(s) [gaddr ff02::1:3 to_ex { }] [gaddr ff02::1:ff00:0 to_ex { }] [gaddr ff02::6a to_ex { }] 08:34:39.305542 IP6 (hlim 1, next-header Options (0) payload length: 36) :: > ff02::16: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6, multicast listener report v2, 1 group record(s) [gaddr ff02::1:ff13:707c to_ex { }] 08:34:39.397672 IP6 (hlim 1, next-header Options (0) payload length: 76) f33sv1 > ff02::16: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6, multicast listener report v2, 3 group record(s) [gaddr ff02::1:3 to_ex { }] [gaddr ff02::1:ff00:0 to_ex { }] [gaddr ff02::6a to_ex { }] 08:34:39.445676 IP6 (hlim 1, next-header Options (0) payload length: 36) :: > ff02::16: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6, multicast listener report v2, 1 group record(s) [gaddr ff02::1:ff13:707c to_ex { }] 08:34:39.765786 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) :: > ff02::1:ff13:707c: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has fe80::216:3eff:fe13:707c unknown option (14), length 8 (1): 0x0000: f203 5136 6f9a 08:34:39.891089 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) f33sv1 > ff02::1:ff13:707c: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has fe80::216:3eff:fe13:707c source link-address option (1), length 8 (1): 00:16:3e:00:00:00 0x0000: 0016 3e00 0000 08:34:40.029649 IP (tos 0xc0, ttl 1, id 0, offset 0, flags [DF], proto IGMP (2), length 40, options (RA)) f33sv1 > igmp.mcast.net: igmp v3 report, 1 group record(s) [gaddr 224.0.0.252 to_ex { }] 08:34:40.797778 IP6 (hlim 1, next-header Options (0) payload length: 36) fe80::216:3eff:fe13:707c > ff02::16: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6, multicast listener report v2, 1 group record(s) [gaddr ff02::1:ff13:707c to_ex { }] 08:34:40.797796 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16) fe80::216:3eff:fe13:707c > ff02::2: [icmp6 sum ok] ICMP6, router solicitation, length 16 source link-address option (1), length 8 (1): 00:16:3e:13:70:7c 0x0000: 0016 3e13 707c 08:34:40.925732 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) f33sv1 > ff02::1:ff13:707c: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has fe80::216:3eff:fe13:707c source link-address option (1), length 8 (1): 00:16:3e:00:00:00 0x0000: 0016 3e00 0000 08:34:40.925787 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::216:3eff:fe13:707c > f33sv1: [icmp6 sum ok] ICMP6, neighbor advertisement, length 32, tgt is fe80::216:3eff:fe13:707c, Flags [solicited, override] destination link-address option (2), length 8 (1): 00:16:3e:13:70:7c 0x0000: 0016 3e13 707c 08:34:40.925797 IP6 (flowlabel 0xb6a64, hlim 1, next-header TCP (6) payload length: 44) f33sv1.60688 > fe80::216:3eff:fe13:707c.hostmon: Flags [S], cksum 0xebef (incorrect -> 0xb854), seq 2709608773, win 64800, options [mss 1440,sackOK,TS val 789202957 ecr 0,nop,wscale 7,tfo cookiereq,nop,nop], length 0 08:34:40.925818 IP6 (flowlabel 0xed86d, hlim 64, next-header TCP (6) payload length: 20) fe80::216:3eff:fe13:707c.hostmon > f33sv1.60688: Flags [R.], cksum 0xebd7 (incorrect -> 0xc74f), seq 0, ack 2709608774, win 0, length 0 08:34:41.693783 IP6 (hlim 1, next-header Options (0) payload length: 36) fe80::216:3eff:fe13:707c > ff02::16: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6, multicast listener report v2, 1 group record(s) [gaddr ff02::1:ff13:707c to_ex { }] 08:34:44.509930 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16) fe80::216:3eff:fe13:707c > ff02::2: [icmp6 sum ok] ICMP6, router solicitation, length 16 source link-address option (1), length 8 (1): 00:16:3e:13:70:7c 0x0000: 0016 3e13 707c 08:34:46.045831 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::216:3eff:fe13:707c > f33sv1: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has f33sv1 source link-address option (1), length 8 (1): 00:16:3e:13:70:7c 0x0000: 0016 3e13 707c 08:34:46.045891 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 24) f33sv1 > fe80::216:3eff:fe13:707c: [icmp6 sum ok] ICMP6, neighbor advertisement, length 24, tgt is f33sv1, Flags [solicited] On Wed, Dec 23, 2020 at 12:14 AM Orabuntu-LXC <gilb...@orabuntu-lxc.com> wrote: > Hi, I cannot get dnsmasq to issue a dhcp address via lxc-net on fedora > 33. I have compared it to a working system on Ubuntu 20.04 and what I find > is that when an lxc container starts, there is DHCPOFFER normal activity in > lxc-net status on Ubuntu 20.04, but not on Fedora 33 where the > configuration is afaik exactly the same. > > I have tried various firewalld settings in case firewalld was blocking > somehow, but nothing has worked including disabling firewalld entirely as > well as disabling selinux entirely. Tomorrow I will try tcpdump and see > if there are clues there. Thanks! > > -- > Gilbert Standen > Creator Orabuntu-LXC > 914-261-4594 > gilb...@orabuntu-lxc.com > > -- Gilbert Standen Creator Orabuntu-LXC 914-261-4594 gilb...@orabuntu-lxc.com
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss