Container doesn't ping

In my lxd server, I have two containers. Con1 has macvlan ip (192.168.1.X) and Con2 gets IP ( 10.215.12.245) from default profile. How can ping each other?

@tomp could u help me?

Please show output of ip a and ip r on the host and inside both containers. Also show output of lxc config show <instance> --expanded for for both containers, so I can get some idea how you have your setup configured.

root@con1:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
18: eth0@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:16:3e:d8:db:b4 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.33.254.140/16 brd 10.33.255.255 scope global dynamic eth0
       valid_lft 1104401sec preferred_lft 1104401sec
    inet6 fe80::216:3eff:fed8:dbb4/64 scope link
       valid_lft forever preferred_lft forever

root@con1:~# ip r
default via 10.33.10.1 dev eth0 proto dhcp src 10.33.254.140 metric 100
10.33.0.0/16 dev eth0 proto kernel scope link src 10.33.254.140
10.33.10.1 dev eth0 proto dhcp scope link src 10.33.254.140 metric 100
root@lxd1:~# lxc config show con1 --expanded
architecture: x86_64
config:
  image.architecture: amd64
  image.description: ubuntu 20.04 LTS amd64 (release) (20210223)
  image.label: release
  image.os: ubuntu
  image.release: focal
  image.serial: "20210223"
  image.type: squashfs
  image.version: "20.04"
  user.daily-backup: "1"
  volatile.base_image: b9e93652ee67612114951d910acc4fd6fce0473f8dc0bf562c602e997fcb4857
  volatile.eth0.host_name: mac0f5f0afd
  volatile.eth0.hwaddr: 00:16:3e:d8:db:b4
  volatile.eth0.last_state.created: "false"
  volatile.idmap.base: "0"
  volatile.idmap.current: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.idmap.next: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.last_state.idmap: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.last_state.power: RUNNING
  volatile.uuid: b812378c-a4ef-48cc-8f10-5ded1e305ce5
devices:
  eth0:
    name: eth0
    nictype: macvlan
    parent: enp3s0f1
    type: nic
  root:
    path: /
    pool: my-lvm
    type: disk
ephemeral: false
profiles:
- my-lvm
stateful: false
description: ""

#################con2################

root@con2:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
35: eth0@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:16:3e:cc:0e:54 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.33.254.47/16 brd 10.33.255.255 scope global dynamic eth0
       valid_lft 1209280sec preferred_lft 1209280sec
    inet6 fe80::216:3eff:fecc:e54/64 scope link
       valid_lft forever preferred_lft forever

root@con2:~# ip r
default via 10.33.10.1 dev eth0 proto dhcp src 10.33.254.47 metric 100
10.33.0.0/16 dev eth0 proto kernel scope link src 10.33.254.47
10.33.10.1 dev eth0 proto dhcp scope link src 10.33.254.47 metric 100
root@lxd1:~# lxc config show con2 --expanded
architecture: x86_64
config:
  image.architecture: amd64
  image.description: ubuntu 20.04 LTS amd64 (release) (20210223)
  image.label: release
  image.os: ubuntu
  image.release: focal
  image.serial: "20210223"
  image.type: squashfs
  image.version: "20.04"
  limits.memory: 500MB
  user.daily-backup: "1"
  volatile.base_image: b9e93652ee67612114951d910acc4fd6fce0473f8dc0bf562c602e997fcb4857
  volatile.eth0.host_name: mac1c261ac5
  volatile.eth0.hwaddr: 00:16:3e:cc:0e:54
  volatile.eth0.last_state.created: "false"
  volatile.idmap.base: "0"
  volatile.idmap.current: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.idmap.next: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.last_state.idmap: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.last_state.power: RUNNING
  volatile.uuid: 1b4c565c-cdc9-450b-9b26-29446e4a8786
devices:
  eth0:
    name: eth0
    nictype: macvlan
    parent: enp3s0f1
    type: nic
  root:
    path: /
    pool: my-lvm
    type: disk
ephemeral: false
profiles:
- my-lvm
stateful: false
description: ""

Both of your containers are connected (via macvlan) to the external network via the interface enp3s0f1. It looks like they have both got IPs configured in 10.33.0.0/16 subnet (con1 =
10.33.254.140, and con2 = 10.33.254.47)

So I am not sure what you mean about 192.168.1.X and 10.215.12.245.

Oh it was my mistake. PLz check now

################con1###########################
root@con1:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
18: eth0@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:16:3e:d8:db:b4 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.33.254.140/16 brd 10.33.255.255 scope global dynamic eth0
       valid_lft 1104401sec preferred_lft 1104401sec
    inet6 fe80::216:3eff:fed8:dbb4/64 scope link
       valid_lft forever preferred_lft forever

root@con1:~# ip r
default via 10.33.10.1 dev eth0 proto dhcp src 10.33.254.140 metric 100
10.33.0.0/16 dev eth0 proto kernel scope link src 10.33.254.140
10.33.10.1 dev eth0 proto dhcp scope link src 10.33.254.140 metric 100
root@lxd1:~# lxc config show con1 --expanded
architecture: x86_64
config:
  image.architecture: amd64
  image.description: ubuntu 20.04 LTS amd64 (release) (20210223)
  image.label: release
  image.os: ubuntu
  image.release: focal
  image.serial: "20210223"
  image.type: squashfs
  image.version: "20.04"
  user.daily-backup: "1"
  volatile.base_image: b9e93652ee67612114951d910acc4fd6fce0473f8dc0bf562c602e997fcb4857
  volatile.eth0.host_name: mac0f5f0afd
  volatile.eth0.hwaddr: 00:16:3e:d8:db:b4
  volatile.eth0.last_state.created: "false"
  volatile.idmap.base: "0"
  volatile.idmap.current: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.idmap.next: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.last_state.idmap: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.last_state.power: RUNNING
  volatile.uuid: b812378c-a4ef-48cc-8f10-5ded1e305ce5
devices:
  eth0:
    name: eth0
    nictype: macvlan
    parent: enp3s0f1
    type: nic
  root:
    path: /
    pool: my-lvm
    type: disk
ephemeral: false
profiles:
- my-lvm
stateful: false
description: ""
#############con5###############
root@con5:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
49: eth0@if50: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:16:3e:e4:4d:51 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.215.12.12/24 brd 10.215.12.255 scope global dynamic eth0
       valid_lft 2775sec preferred_lft 2775sec
    inet6 fd42:f9a1:5466:2d89:216:3eff:fee4:4d51/64 scope global dynamic mngtmpaddr noprefixroute
       valid_lft 3419sec preferred_lft 3419sec
    inet6 fe80::216:3eff:fee4:4d51/64 scope link
       valid_lft forever preferred_lft forever
root@con5:~# ip r
default via 10.215.12.1 dev eth0 proto dhcp src 10.215.12.12 metric 100
10.215.12.0/24 dev eth0 proto kernel scope link src 10.215.12.12
10.215.12.1 dev eth0 proto dhcp scope link src 10.215.12.12 metric 100


root@lxd1:~# lxc config show con5 --expanded
architecture: x86_64
config:
  image.architecture: amd64
  image.description: ubuntu 20.04 LTS amd64 (release) (20210223)
  image.label: release
  image.os: ubuntu
  image.release: focal
  image.serial: "20210223"
  image.type: squashfs
  image.version: "20.04"
  volatile.base_image: b9e93652ee67612114951d910acc4fd6fce0473f8dc0bf562c602e997fcb4857
  volatile.eth0.host_name: vethfcc1f2dc
  volatile.eth0.hwaddr: 00:16:3e:e4:4d:51
  volatile.idmap.base: "0"
  volatile.idmap.current: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.idmap.next: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.last_state.idmap: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.last_state.power: RUNNING
  volatile.uuid: 64650098-d045-4f7a-b36b-9b1b7e9ab953
devices:
  eth0:
    name: eth0
    network: lxdbr0
    type: nic
  root:
    path: /
    pool: mypool
    type: disk
ephemeral: false
profiles:
- default
stateful: false
description: ""

When using macvlan NICs, MACVLANS inherently do not allow communication with the host (this is by design and not something LXD can control).

Because the other network, lxdbr0, is not reachable from the external network that the first container is connected to, it means traffic would have to go to the host to get routed into lxdbr0, which isn’t allowed my MACVLAN.

Instead you could consider add an additional NIC to the macvlan container, which connects to lxdbr0, that way that container would be present on both networks. However care would need to be taken in that container to ensure that it doesn’t attempt DHCP on both networks, otherwise it would end up setting up conflicting static routes.

The other option you could use is routed NIC rather than MACVLAN. This would require the container to have a static IP, but would allow it to be exposed onto the external network, while at the same time routing through the host (and thus able to reach the lxdbr0 network), all using the same single NIC.