[systemd-devel] Network unreachable in container

arnaud gaboury arnaud.gaboury at gmail.com
Tue Mar 4 07:24:24 PST 2014 

I have a npsawn/networkd managed container. Unfortunately, I can't
reach network from the container. Below are part of the setup.

On host :

/etc/systemd/network/70-dahlia-network
[Match]
Host=host0
Virtualization=container

[NetDev]
Name=br0
Kind=bridge
***************
/etc/systemd/network/80-dahlia-network
[Match]
Virtualization=container

[Network]
DHCP=no
DNS=192.168.1.254

[Address]
Address=192.168.1.94/24

[Route]
Gateway=192.168.1.254
*********
two static netctl profiles, one for enp7s0 and one for br0

On host :

 % ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp7s0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast state UP group default qlen 1000
    link/ether 14:da:e9:b5:7a:88 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.87/24 brd 192.168.1.255 scope global enp7s0
       valid_lft forever preferred_lft forever
    inet 192.168.1.98/24 brd 192.168.1.255 scope global secondary enp7s0
       valid_lft forever preferred_lft forever
    inet6 fe80::16da:e9ff:feb5:7a88/64 scope link
       valid_lft forever preferred_lft forever
8: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
UP group default
    link/ether 82:95:bc:dd:a7:88 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::e0d2:94ff:feea:2a52/64 scope link
       valid_lft forever preferred_lft forever
14: vb-dahlia: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast master br0 state UP group default qlen 1000
    link/ether 82:95:bc:dd:a7:88 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::8095:bcff:fedd:a788/64 scope link
       valid_lft forever preferred_lft forever

----------------------
Now on container side, no netctl profile, no /etc/systemd/networkd
files, systemd-networkd enabled

 % ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 192.168.1.94/24 brd 192.168.1.255 scope global lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: host0: <BROADCAST,ALLMULTI,NOTRAILERS,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast state UP group default qlen 1000
    link/ether c6:01:07:8a:9d:f3 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.94/24 brd 192.168.1.255 scope global host0
       valid_lft forever preferred_lft forever
    inet6 fe80::c401:7ff:fe8a:9df3/64 scope link
       valid_lft forever preferred_lft forever
**********
 % ip route
default via 192.168.1.254 dev host0
192.168.1.0/24 dev host0  proto kernel  scope link  src 192.168.1.94
*******
% cat /proc/net/dev
Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed
multicast|bytes    packets errs drop fifo colls carrier compressed
 host0:  138472     360    0    0    0     0          0         0
900      14    0    0    0     0       0          0
    lo:    1792      22    0    0    0     0          0         0
1792      22    0    0    0     0       0          0


I can ping from the container the gateway (192.168.1.254) and the host
(192.168.1.87) but I can't reach the network. I have been trying as
many settings as possible, but with no sucess.

Did I miss something ? Shall I use the vb-dahlia device on the
container to route traffic, rather than host0 ? Shall I enable any
netctl/networkd profile ?

Thank you for help as I have no clue and ran out of ideas.

More information about the systemd-devel mailing list