lxc-start veth bridge misconfiguration (no master) #4433
Comments
I am a student from UT and we are contributing to open source repositories for our final project. Could we be assigned this issue?
Would we also set what file do we need to change in the git repo to replicate this issue?
@yegorius do you have Network Manager or a similar network management tool running on that system?
@DevonSchwartz it's not clear that this is a bug in LXC yet, we've seen this kind of issue coming from external tools interfering with LXC. If this was a generalized issue, we'd have seen a LOT of people complaining about it :)
@stgraber I don't use NetworkManager on my system, it's not even installed. I only use systemd-networkd. Nor do I have any firewalls running.
Would be good to check the The issue reported here smells a lot like something (we've seen it with NetworkManager but could happen with networkd) listening on netlink and trying to "configure" the interfaces we create, making a mess. We clearly don't have missing logic to mark our bridge or interfaces as up, as if we did, we'd have seen this on millions of systems, so it's got to be some weirder interaction going on here.
Regarding millions of systems: I have first encountered this problem with Waydroid. This is what actually triggered my investigation. If you check their issues page, you will find millions of "no internet" reports. Here is the link. Anyway, I will try to reproduce this issue on a minimal system booted from a USB drive.
Required information
lxc-checkconfig
cat /proc/1/mounts
Issue description
No network connection inside a freshly created vanilla unmodified container after lxc-start.
Distro doesn't matter, tested with Alpine edge as well as latest Waydroid.
I have done some debugging and found some clues.
For a veth net type, lxc-start should attach the container interface to a bridge, which I can confirm by running:
But there is still no network in the container, e.g. Alpine edge: udhcpc failed to get a DHCP lease.
On the host bridge link output is empty, ip link show master lxcbr0 is empty.
Bridge config in sysfs:
Here you can see that the bridge is DOWN. But a correctly configured bridge should be UP and veth0xYE0v should have a master.
Now, if I run ip link set dev veth0xYE0v master lxcbr0 everything starts to work: the container receives an IP address, bridge becomes UP etc.
So somehow, the bridge is misconfigured by the lxc-start.
If we dig deeper, we can see that lxc-start does indeed end up calling br_add_if in the kernel, same as ip link set ... master:
The only difference is that iproute2 uses netlink mechanism to configure the net layer, whereas lxc-start calls ioctl(SIOCBRADDIF) which is supposed to be a more outdated way of configuring net devices.
So clearly, either lxc-start misses something during net configuration or there is something wrong with the underlying host.
Steps to reproduce
USE_LXC_BRIDGE="true" in /etc/default/lxc
lxc-net
lxc-start -n test -F
udhcpc failed to get a DHCP lease
Additional info
Kernel log doesn't contain anything unusual.
Container log
Container config file
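The checks described in the issue (does the veth have a master, is it listed as a port of the bridge, is the bridge up) can be read straight from sysfs. The script below is an added example, not code from the issue or from LXC; the function names and the SYSFS_NET override are assumptions made here so it can also run against a constructed directory tree.

```shell
#!/bin/sh
# Added example: read bridge/port attachment state from sysfs.
# SYSFS_NET is an assumed override so the checks can run on a constructed tree.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# port_master PORT: print the name of PORT's master device, or nothing.
port_master() {
    link="$SYSFS_NET/$1/master"
    [ -L "$link" ] || return 0
    basename "$(readlink "$link")"
}

# bridge_has_port BRIDGE PORT: succeed if PORT is listed under BRIDGE/brif.
bridge_has_port() {
    [ -e "$SYSFS_NET/$1/brif/$2" ] || [ -L "$SYSFS_NET/$1/brif/$2" ]
}

# check_attachment BRIDGE PORT: print a one-word verdict.
check_attachment() {
    bridge=$1
    port=$2
    [ -d "$SYSFS_NET/$bridge/bridge" ] || { echo "not-a-bridge"; return 0; }
    [ -d "$SYSFS_NET/$port" ] || { echo "no-such-port"; return 0; }
    master=$(port_master "$port")
    if [ -z "$master" ]; then
        # The state reported in the issue: veth exists but has no master.
        echo "no-master"
    elif [ "$master" != "$bridge" ]; then
        echo "other-master:$master"
    elif ! bridge_has_port "$bridge" "$port"; then
        # master link present but bridge does not list the port
        echo "inconsistent"
    else
        state=$(cat "$SYSFS_NET/$bridge/operstate" 2>/dev/null || true)
        echo "attached:bridge-${state:-unknown}"
    fi
}

# Stand-alone use: script.sh lxcbr0 veth0xYE0v
if [ "$#" -eq 2 ]; then
    check_attachment "$1" "$2"
fi
```

Running it right after lxc-start and again a few seconds later shows whether the port was never attached or was attached and then detached by something else on the host.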