#1 2021-09-29 15:05:22

positronik
Member
Registered: 2016-02-08
Posts: 86

[SOLVED] LXC containers not accessible from host

I have this weird issue that I would like to understand.

The setup

On a host machine I run docker and lxc. On LXC I have services such as pihole.

The problem

Some time after the machine boots, DNS resolution stops working; however, the LXC container can be reached with ICMP from the host.

My investigation

At first I thought it was a problem with the firewall, but that is not the case; in fact, DNS resolution works for every machine except the host.
I then started to notice with tcpdump that, when DNS fails on the host, some ARP packets are exchanged and the MAC address corresponding to the DNS server is wrong.
I turned off docker, flushed ARP and now DNS resolution works again; in fact, ip n reports the correct MAC for the DNS server.
Do you know why something like this happens and how to avoid it?
To my knowledge this started only a few days ago, but none of the recently updated packages seem to be related to docker.

The solution

Apparently Docker had nothing to do with the issue. There was a wrong directive in one of the LXC containers assigning the same IP as the pihole container to another one.
After fixing that it seems to be working.

I suspect that lxc.net.0.ipv4.address resumed working only recently, as I mentioned already that up to a few days ago everything was working fine.

Last edited by positronik (2021-09-29 15:48:48)
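
The root cause described in the post, the same static IPv4 address assigned to two containers through lxc.net.0.ipv4.address, can be checked for before it shows up as a flapping ARP entry. The following is an added example, not part of the original post: the function names, container names and addresses are constructed for illustration, and the config location mentioned in the comment assumes the default LXC path.

```python
import ipaddress
import re
from collections import defaultdict

# Matches e.g. "lxc.net.0.ipv4.address = 10.0.3.10/24" (any interface index).
ADDR_KEY = re.compile(r"^lxc\.net\.(\d+)\.ipv4\.address\s*=\s*(\S+)")


def static_ipv4(config_text):
    """Yield (interface index, address) for each static IPv4 line in one config."""
    for line in config_text.splitlines():
        m = ADDR_KEY.match(line.strip())  # commented-out lines start with '#'
        if not m:
            continue
        try:
            # Drop the prefix length so 10.0.3.10/24 and 10.0.3.10/16 compare equal.
            yield int(m.group(1)), str(ipaddress.ip_interface(m.group(2)).ip)
        except ValueError:
            continue  # not a literal address, nothing to compare


def find_conflicts(configs):
    """Return {address: [containers]} for addresses claimed by more than one container."""
    owners = defaultdict(set)
    for name, text in configs.items():
        for _idx, ip in static_ipv4(text):
            owners[ip].add(name)
    return {ip: sorted(names) for ip, names in owners.items() if len(names) > 1}


# Constructed sample configs: "webapp" reuses the address given to "pihole".
SAMPLE = {
    "pihole": "lxc.net.0.type = veth\nlxc.net.0.link = lxcbr0\n"
              "lxc.net.0.ipv4.address = 10.0.3.10/24\n",
    "webapp": "lxc.net.0.type = veth\n"
              "# lxc.net.0.ipv4.address = 10.0.3.11/24\n"
              "lxc.net.0.ipv4.address = 10.0.3.10/24\n",
    "backup": "lxc.net.0.ipv4.address = 10.0.3.12/24\n",
}

if __name__ == "__main__":
    # On a real host, build the dict from each container's config file instead
    # (assumed default location: /var/lib/lxc/<name>/config).
    for ip, names in find_conflicts(SAMPLE).items():
        print(f"{ip} is assigned to: {', '.join(names)}")
```
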
