LXD containers with nictype=physical cannot be reached from LAN

Morgan_Kisienya · November 30, 2019, 4:15pm

Hi,

I have the following setup
LXD version 3.0.3
Two containers each with a different profile as follows
lxc profile show container2
devices:
eth0:
name: eth0
nictype: physical
parent: eth1
type: nic
lxc profile show container3
devices:
eth0:
name: eth0
nictype: physical
parent: eth2
type: nic

The two containers have received IP address via dhcp
I can ping other LAN computers from the two containers
I can ping the internet from the two containers
BUT other LAN computers cannot ping the two containers
BUT the containers cannot ping each other

Any help.

Thanks

Morgan_Kisienya · December 3, 2019, 11:54am

Any ideas…

tomp · December 3, 2019, 12:14pm

Have you tried running tcpdump inside the container on the physical interfaces passed through to check whether the packets from other computers are reaching the containers. I find it surprising that you’re able to ping computers on the wider LAN from the containers but that they can’t ping back to the container (as the action of pinging implies bidirectional comms is working).

Please can you provide the output of ip a and ip r in both containers and on the host please.

Morgan_Kisienya · December 4, 2019, 3:20pm

Hi,

Apologies, I recreated the container, profile and the physical nic.

All is well now.

I will try to replicate, to establish whether it is a bug or not.