I have a problem with networking on a new installation of incus.
My set up is the following: I have a Windows Server 2025 with Hyper-V. On that Hyper-V, I run Debian 12.9 VM on which I have installed incus 6.9. I have enabled MAC Spoofing on the interface in the Hyper-V virtual switch. I have two bridges on the VM br0 (which is bridging the containers to the external network over the Hyper-V switch) and incusbr0. I have containers on both networks and everything appears to work fine… until I try to restart, stop or start a container. In that moment, the entire network for the VM goes down. The containers and the VM itself loses connectivity. It doesn’t matter if the container is on the br0 or incusbr0.
In order to get it to work again I need to open the Hyper-V console and either restart networking with systemctl restart networking or restart the entire VM.
Initially my guess was that Hyper-V is blocking the traffic. But given that just a restart of the networking stack on the VM brings everything in order rules out Hyper-V, at least in my opinion.
Any suggestions where I can look for relevant logs or any steps I should follow to troubleshoot?
It turned out that systemctl restart networking doesn’t restore network to the containers. Only to the VM. When I logged in all of my containers were without networking. Only the network for VM was ok. And furthermore. I tried starting some of my stopped containers and they launched without a problem and get an ip without disturbing the network for the VM. In short the problem is with the stop action. For some reason it is breaking the entire network stack of the incus server.
Hi. My reply is not going to help, but I can at least confirm that in recent times (~2-3 months?) I too have had networking issues in Debian instances especially. This happens to me on different incus instances on different bare-metal servers (all of which run Debian, my common denominator). I can lose connectivity with no easy-to-find reason. Usually it’s DNS that goes down - I can ping 1.1.1.1. but not cloudflare.com, for example. Sometimes I can’t even ping an IP though - really odd behavior.
I have been forced to install Netplan in some instances which “helps” but doesn’t always solve the problem (in one case, I am checking connectivity every minute and restarting netplan when it goes down, which is a lousy solution but I have so far failed to find the real root cause). I have re-created containers from scratch and it’s hit and miss for me as to whether it comes back. Networking is BY FAR my weakest link for my virtualization.
I usually just attribute this to me not being sufficiently expert, but seeing your post makes me wonder if it’s not all on me?
I think this part is expected. If you systemctl restart networking on the host, then it rebuilds all the bridges, and the tap connections from running containers (which had been dynamically added by incus) are lost.
When you restart a container, it gets a new tap interface and that is added to the bridge.
But I don’t know about the original problem, i.e. restarting the container making the host lose connectivity. You’d probably need to debug with tcpdump.
Also check whether HyperV allows multiple MAC addresses from the same host. As a quick way to test this, turn off br0 and just have containers on incusbr0. The MAC addresses of those containers shouldn’t be visible to HyperV.