Ah docker. See
and
Not sure if the first UFW rules did it… But containers are getting an IP again!
1 Like
Basically docker modifies the iptables rules so that it prevents container’s DHCP requests. But depending on the start up order of docker vs LXD it may work or not without rule modification.
But if you then reload LXD it wipes its own rules and re-adds them which can then cause the docker rules to take effect.
I assume this is in combination with dnsmasq? As it worked fine for many weeks/months before.
Its a well known historical issue (search the forums for docker), its firewall rules prevent containers reaching dnsmasq’s DHCP service. But as I explained it depends on ordering, which can be unpredictable and variable on different systems.
So its been confirmed that its the raw.dnsmasq auth-zone=lxd setting that is causing the problem. See dnsmask process exited prematurely if raw.dnsmasq auth-zone set when using core20 snap · Issue #8905 · lxc/lxd · GitHub issue for more detail.