Using MacVLAN, I had assigned a public static IP to a container; all outgoing is working fine but no incoming

I used to do that before, and hosted manjaro/nginx/web applications and ssh, with a dedicated public IP address.
Those containers are now removed, and I used the same profile on a new container with the following macvlan.

I used macvlan:

config:
  boot.autostart: "false"
  security.nesting: "true"
description: Default LXD profile
devices:
  eth0:
    nictype: macvlan
    parent: enp1s0f1
    type: nic
  root:
    path: /
    pool: btrfs
    type: disk
name: macvlan-btrfs
used_by:
- /1.0/instances/staging

LXD version: 5.10.

Here is the netplan config on the container:

network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      addresses:
        -  PUBLIC_IP_ADDRESS/29
      routes:
        - to: default
          via:  DEFAULTROUTE_FOUND_ON_HOST
      nameservers:
        addresses:
          - 8.8.8.8

All outgoing connections work but all incoming fail.

Please show ip a and ip r from the LXD host and container.

Also please confirm whether disabling the host’s firewall fixes the issue (e.g. using sudo iptables -F or sudo nft flush ruleset).