I am running a LXC container, which has a veth type interface (if_veth), linked with a bridge (if_bridge) which is in the host(outside of the container). When I sent multicast packets (UDP) from if_bridge, I could observe ethernet frames from if_veth, when I capture the packets with Wireshark. However, if I listen the if_veth interface, by opening a UDP socket, I could not observe the multicast packets. So I think multicast packets are dropped.
Unicast is OK, routing entries in the host machine is OK. Additionally only multicast address which could be received is 224.0.0.1, which is interesting.
I checked for the root cause,
netstat -u -s output in the LXC container
InCsumErrors are more than 0.
I observe skb:kfree_skb events excessively, when I checked “perf” tool output.
I am using CentOS8 kernel 4.18, LXC version 1.0.11
It’s pretty odd that tcpdump/wireshark would see it but that a listener doesn’t…
Normally the usual suspect there would be a firewall as that runs in between the two.
The problem is fixed, there are two steps to apply,
1- Be sure, multicast JOIN messages are sent to the interface, where multicast packets will be received. Add related routing entries, than be sure JOIN messages are sent.
2- Disable checksum offloading, an example command is “ethtool --offload eth0 rx off tx off sg off”
Can you explain more details of below, I have same issue in host
At firstm bridge lost multicast udp packet then sequencely vp also lost packet
But other unicast udp and tcp pass through to lxc
1- Be sure, multicast JOIN messages are sent to the interface, where multicast packets will be received. Add related routing entries, than be sure JOIN messages are sent