On Mon, Jun 27, 2016 at 5:15 PM, <[email protected]> wrote:
> However, I cannot ping an outside IP:
> root@taskd:~# ping 8.8.8.8
>
> PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
>
> On the host I see:
> 11:30:14.343238 IP 10.0.8.54 > google-public-dns-a.google.com: ICMP echo request, id 12902, seq 1, length 64
>

Is this on lxdbr0?

What do you get when you tcpdump your host public interface (e.g. eth0), using a filter like

    tcpdump -n -i eth0 host 8.8.8.8

My GUESS is your host stops forwarding packets, and no container traffic is seen on eth0

> After running
>
> service lxd stop
> service lxd-bridge stop
> service lxd start
>
> on the host, everything works again.
>

Some basic things to check when your outgoing networking stops:
- look at syslog for error messages, esp. related to network or iptables
- verify that your iptables NAT rules are still in place, "iptables -nL -t nat" (lxd-bridge should create a MASQUERADE rule when it starts)
- verify that there is NO filter rule blocking traffic from container (iptables -nL)
- verify that "cat /proc/sys/net/ipv4/ip_forward" still shows 1

Again, if you DON'T see container packets on eth0 when testing ping 8.8.8.8 from the container, then my GUESS is you have some cron job that disables packet forwarding.

All I can say is that I've been using lxd since 2.0.0-beta days on trusty, wily, and now mostly 2.0.2 on xenial, and I didn't have your problem. Then again, this is a customized install where (among others) I prune all unnecessary packages, so it might be a factor.

-- 
Fajar
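The iptables and ip_forward checks listed in the reply above, as an added example that is not part of the original message: each function parses captured command output, so the state can be saved while the network is broken and examined afterwards. The function names are hypothetical, the sample output is constructed, and the subnet 10.0.8.0/24 is an assumption based on the container address 10.0.8.54.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical and the
# SAMPLE_* data is constructed; 10.0.8.0/24 is an assumed lxdbr0 subnet.

# Succeeds if the POSTROUTING chain in `iptables -nL -t nat` output (stdin)
# has a MASQUERADE rule whose source is subnet $1.
has_masquerade() {
    awk -v net="$1" '
        /^Chain / { chain = $2 }
        chain == "POSTROUTING" && $1 == "MASQUERADE" && $4 == net { ok = 1 }
        END { exit ok ? 0 : 1 }'
}

# Prints FORWARD-chain entries in `iptables -nL` output (stdin) worth reviewing
# for subnet $1: a DROP policy, or DROP/REJECT rules sourced from it or 0.0.0.0/0.
forward_blockers() {
    awk -v net="$1" '
        /^Chain / { chain = $2
                    if (chain == "FORWARD" && /policy DROP/) print "policy DROP" }
        chain == "FORWARD" && ($1 == "DROP" || $1 == "REJECT") &&
            ($4 == net || $4 == "0.0.0.0/0") { print }'
}

# Succeeds if $1, the content of /proc/sys/net/ipv4/ip_forward, is 1.
forwarding_enabled() { [ "$1" = "1" ]; }

# Runs all three checks on the live host (iptables needs root).
check_live() {
    iptables -nL -t nat | has_masquerade "$1" || echo "no MASQUERADE rule for $1"
    iptables -nL | forward_blockers "$1"
    forwarding_enabled "$(cat /proc/sys/net/ipv4/ip_forward)" || echo "ip_forward is off"
}

# Constructed sample of `iptables -nL -t nat` output with the expected rule.
SAMPLE_NAT='Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  10.0.8.0/24         !10.0.8.0/24'

# Constructed sample of `iptables -nL` output with one rule rejecting the subnet.
SAMPLE_FILTER='Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
REJECT     all  --  10.0.8.0/24          0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0'
```

Running `check_live 10.0.8.0/24` as root while the ping is failing, before restarting lxd-bridge, records which of the three conditions changed.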
