nach dem Upgrade auf 11 habe ich ein seltsames Phänomen.
Situation:
- Host-shared bridge Setup wegen LXC Container
- Der Host ist seit dem Upgrade nur im gleichen Subnet erreichbar
- Der Host kann nicht mehr ins Internet
- Die Container sind über Remote erreichbar
- Die Container können ins Internet
- Seit dem Upgrade gibt es die neue Datei etc/default/lxc-net
network-manager war/ist nicht installiert
Code: Alles auswählen
root@W5810:~# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
#allow-hotplug enp1s0
#iface enp1s0 inet static
#address 10.0.1.10
#netmask 255.255.0.0
#gateway 10.0.0.1
#dns-nameservers 10.0.0.1
# The primary network interface (Bridge)
auto br0
iface br0 inet static
bridge_ports enp1s0
bridge_fd 0
address 10.0.1.10
netmask 255.255.0.0
gateway 10.0.0.1
dns-nameservers 10.0.0.1
Code: Alles auswählen
root@W5810:/# cat /etc/default/lxc
# LXC_AUTO - whether or not to start containers at boot
LXC_AUTO="true"
# BOOTGROUPS - What groups should start on bootup?
# Comma separated list of groups.
# Leading comma, trailing comma or embedded double
# comma indicates when the NULL group should be run.
# Example (default): boot the onboot group first then the NULL group
BOOTGROUPS="onboot,"
# SHUTDOWNDELAY - Wait time for a container to shut down.
# Container shutdown can result in lengthy system
# shutdown times. Even 5 seconds per container can be
# too long.
SHUTDOWNDELAY=5
# OPTIONS can be used for anything else.
# If you want to boot everything then
# options can be "-a" or "-a -A".
OPTIONS=
# STOPOPTS are stop options. The can be used for anything else to stop.
# If you want to kill containers fast, use -k
STOPOPTS="-a -A -s"
USE_LXC_BRIDGE="false" # overridden in lxc-net
Code: Alles auswählen
root@W5810:/# cat /etc/default/lxc-net
USE_LXC_BRIDGE="false"
# Honor system's dnsmasq configuration
#LXC_DHCP_CONFILE=/etc/dnsmasq.conf
Code: Alles auswählen
root@W5810:/# cat /etc/lxc/default.conf
lxc.net.0.type = veth
lxc.net.0.link = br0
lxc.net.0.flags = up
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
lxc.start.auto = 1
lxc.start.delay = 5
Code: Alles auswählen
root@W5810:/# cat /var/lib/lxc/LxcTemplate/config
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r stable
# Template script checksum (SHA-1): d5aa397522e36a17c64c014dd63c70d8607c9873
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
lxc.net.0.type = veth
lxc.net.0.hwaddr = 00:16:3e:21:24:53
lxc.net.0.link = br0
lxc.net.0.flags = up
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
lxc.start.auto = 1
lxc.start.delay = 5
# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration
lxc.tty.max = 4
lxc.arch = amd64
lxc.pty.max = 1024
lxc.rootfs.path = dir:/var/lib/lxc/LxcTemplate/rootfs
lxc.uts.name = LxcTemplate
Code: Alles auswählen
root@W5810:/# cat /var/lib/lxc/LxcTemplate/rootfs/etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 10.0.1.200
netmask 255.255.0.0
gateway 10.0.0.1
dns-nameservers 10.0.0.1
Code: Alles auswählen
root@W5810:/# ip a show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000
link/ether 00:14:fd:19:04:69 brd ff:ff:ff:ff:ff:ff
3: enp5s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 00:14:fd:19:04:6a brd ff:ff:ff:ff:ff:ff
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 76:d1:76:40:fa:b5 brd ff:ff:ff:ff:ff:ff
inet 10.0.1.10/16 brd 10.0.255.255 scope global br0
valid_lft forever preferred_lft forever
inet6 fe80::74d1:76ff:fe40:fab5/64 scope link
valid_lft forever preferred_lft forever
5: veth8gp9Ee@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP group default qlen 1000
link/ether fe:c9:5e:49:50:40 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::fcc9:5eff:fe49:5040/64 scope link
valid_lft forever preferred_lft forever
6: vethCwFwmK@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP group default qlen 1000
link/ether fe:bf:60:92:a3:c4 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::fcbf:60ff:fe92:a3c4/64 scope link
valid_lft forever preferred_lft forever
Ich habe jetzt schon länger gesucht und finde keine Lösung.
Das deaktivieren der lxcbr0 in /etc/default/lxc-net hat leider keinen Erfolg gebracht.
Danke im Voraus!
mfg
