No connection from host to container and vice versa

Hi,

I am not able to get any connection from the host to containers and vice versa. Ping for example is not working.

Here is my setup:

Host:

user@host:~$ lxc version
Client version: 5.11
Server version: 5.11
user@host:~$ lxc profile show default
config: {}
description: Default LXD profile
devices:
  eth0:
    name: eth0
    nictype: bridged
    parent: br0
    type: nic
  root:
    path: /
    pool: lvmpool
    type: disk
name: default
used_by:
- /1.0/instances/AD
- /1.0/instances/FS
user@host:~$ sudo brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.f6c4defedb0b       no              eno1
                                                        veth82bf8546
                                                        vethef8c1590
                                                        vethf7cbec78
                                                        vnet0
virbr0          8000.525400a5fc78       yes
user@host:~$ lxc network show br0
config: {}
description: ""
name: br0
type: bridge
used_by:
- /1.0/instances/AD
- /1.0/instances/FS
- /1.0/profiles/default
managed: false
status: ""
locations: []
user@host:~$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000
    link/ether 6c:2b:59:8e:2e:7f brd ff:ff:ff:ff:ff:ff
    altname enp5s0f0
    inet 10.16.99.252/24 brd 10.16.99.255 scope global eno1
       valid_lft forever preferred_lft forever
3: eno2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 6c:2b:59:8e:2e:80 brd ff:ff:ff:ff:ff:ff
    altname enp5s0f1
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether f6:c4:de:fe:db:0b brd ff:ff:ff:ff:ff:ff
    inet 10.16.99.10/24 brd 10.16.99.255 scope global br0
       valid_lft forever preferred_lft forever
    inet6 fe80::f4c4:deff:fefe:db0b/64 scope link
       valid_lft forever preferred_lft forever
5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:a5:fc:78 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
6: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UNKNOWN group default qlen 1000
    link/ether fe:54:00:a7:fc:9e brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fc54:ff:fea7:fc9e/64 scope link
       valid_lft forever preferred_lft forever
8: veth82bf8546@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP group default qlen 1000
    link/ether 2e:9e:b6:76:6f:3b brd ff:ff:ff:ff:ff:ff link-netnsid 0
10: vethef8c1590@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP group default qlen 1000
    link/ether 0e:41:e1:4b:71:20 brd ff:ff:ff:ff:ff:ff link-netnsid 1
12: vethf7cbec78@if11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP group default qlen 1000
    link/ether 6a:3e:f0:75:c3:fd brd ff:ff:ff:ff:ff:ff link-netnsid 2
user@host:~$ ip r
default via 10.16.99.1 dev br0 proto static
default via 10.16.99.1 dev eno1 proto static
10.16.99.0/24 dev eno1 proto kernel scope link src 10.16.99.252
10.16.99.0/24 dev br0 proto kernel scope link src 10.16.99.10
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown

Container:

user@host:~$ lxc config show --expanded AD
architecture: x86_64
config:
  boot.autostart: "1"
  boot.autostart.delay: "1"
  boot.autostart.priority: "100"
  image.architecture: amd64
  image.description: Ubuntu jammy amd64 (20230304_07:43)
  image.os: Ubuntu
  image.release: jammy
  image.serial: "20230304_07:43"
  image.type: squashfs
  image.variant: default
  security.privileged: "true"
  volatile.base_image: 5909a4fcd125acab1c7f90c8c36479b29f4783fe9954a7101867d4deea64330d
  volatile.cloud-init.instance-id: 44c8e5c1-1242-420e-b7ac-990fb66af2fe
  volatile.eth0.host_name: veth82bf8546
  volatile.eth0.hwaddr: 00:16:3e:39:70:c6
  volatile.idmap.base: "0"
  volatile.idmap.current: '[]'
  volatile.idmap.next: '[]'
  volatile.last_state.idmap: '[]'
  volatile.last_state.power: RUNNING
  volatile.uuid: 7626b18c-f98b-4328-b2fd-d828c724b0c5
devices:
  eth0:
    name: eth0
    nictype: bridged
    parent: br0
    type: nic
  root:
    path: /
    pool: lvmpool
    type: disk
ephemeral: false
profiles:
- default
stateful: false
description: ""
root@AD:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
7: eth0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:16:3e:39:70:c6 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.16.99.25/24 brd 10.16.99.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::216:3eff:fe39:70c6/64 scope link
       valid_lft forever preferred_lft forever
root@AD:~# ip r
default via 10.16.99.1 dev eth0 proto static
10.16.99.0/24 dev eth0 proto kernel scope link src 10.16.99.25

Thanks for any advice!

Best,
Chris

I /think/ that you need to remove the IP configuration of eno1 in your host because this NIC is now used in br0. When you put a physical NIC into a bridge, you need to move the IP configuration from the NIC to the bridge to avoid problems among which is having 2 default routes.

2 Likes
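As an added example (not part of the original posts), the misconfiguration described in the reply above can be detected from `ip a` and `ip r` output: a bridge port that still carries an IPv4 address, and destinations routed via more than one device. The function names are hypothetical and the sample text is constructed by trimming the output posted in the question.

```python
import re
from collections import defaultdict

# Constructed sample, trimmed from the `ip a` / `ip r` output in the question.
IP_ADDR = """\
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000
    inet 10.16.99.252/24 brd 10.16.99.255 scope global eno1
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    inet 10.16.99.10/24 brd 10.16.99.255 scope global br0
8: veth82bf8546@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP group default qlen 1000
"""
IP_ROUTE = """\
default via 10.16.99.1 dev br0 proto static
default via 10.16.99.1 dev eno1 proto static
10.16.99.0/24 dev eno1 proto kernel scope link src 10.16.99.252
10.16.99.0/24 dev br0 proto kernel scope link src 10.16.99.10
"""

def addressed_bridge_ports(ip_addr_text):
    """Return [(port, bridge, cidr)] for interfaces that are enslaved to a
    bridge ("master <bridge>") yet still carry an IPv4 address."""
    findings, port, bridge = [], None, None
    for line in ip_addr_text.splitlines():
        head = re.match(r"^\d+:\s+([^:@\s]+)(?:@\S+)?:\s+<[^>]*>(.*)$", line)
        if head:  # interface header line: remember its name and bridge, if any
            port = head.group(1)
            m = re.search(r"\bmaster\s+(\S+)", head.group(2))
            bridge = m.group(1) if m else None
            continue
        inet = re.match(r"^\s+inet\s+(\S+)", line)  # IPv4 only, skips inet6
        if inet and bridge:
            findings.append((port, bridge, inet.group(1)))
    return findings

def duplicate_routes(ip_route_text):
    """Return {destination: [devices]} for destinations routed via more than one device."""
    by_dest = defaultdict(list)
    for line in ip_route_text.splitlines():
        m = re.match(r"^(\S+)\s.*?\bdev\s+(\S+)", line)
        if m:
            by_dest[m.group(1)].append(m.group(2))
    return {dest: devs for dest, devs in by_dest.items() if len(devs) > 1}

if __name__ == "__main__":
    for port, bridge, cidr in addressed_bridge_ports(IP_ADDR):
        print(f"{port} is a port of {bridge} but still holds {cidr}; move it to {bridge}")
    for dest, devs in duplicate_routes(IP_ROUTE).items():
        print(f"{dest} is routed via {', '.join(devs)}")
```

On a live host, feed the functions the text of `ip a` and `ip r` instead of the embedded samples; both return empty results once the address lives only on the bridge.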

Thanks! That did the trick.

1 Like