[Pkg-libvirt-maintainers] Bug#1104431: Bug#1104431: libvirt-daemon-driver-lxc: Starting libvirt_lxc container with MTU set to != 1500 doesn't set specified MTU on veth devices

Andrea Bolognani eof at kiyuko.org
Sun Jun 1 21:04:55 BST 2025 

On Tue, Apr 29, 2025 at 11:17:53PM +0100, Gary Hawkins wrote:
> When I start an LXC container using virsh -c lxc:///system start
> <name> where the domain XML file for that container contains
> something along the lines of:
> 
> <interface type='bridge'>
>       <mac address='52:54:00:03:87:f2'/>
>       <source bridge='ovs0'/>
>       <vlan trunk='yes'>
>         <tag id='2'/>
>       </vlan>
>       <virtualport type='openvswitch'>
>         <parameters interfaceid='c8304245-b238-4c61-a7c1-6a8bc905e251'/>
>       </virtualport>
>       <mtu size='9000'/>
> </interface>
> 
> the container starts as expected, but the "vnet<n>" veth device(s)
> created as a result are always set to exactly 1500 MTU regardless
> of what is specified for MTU in the domain XML.  This only happens
> when using LXC containers with libvirt; qemu/KVM VMs started with
> libvirt set the MTU correctly.  I am unsure whether this is a bug
> in libvirt or whether the underlying systemd-container process is
> handling this incorrectly.  While it is possible to alter the MTU
> of the veth device once started and make it work, that's not a
> workable solution in the long term.
> 
> What I expect to happen is that either the MTU is set on the veth
> device as specified in the domain XML, or the XML does not allow
> MTU to be set, but I cannot see anything in the libvirt
> documentation to suggest that setting MTU is not a valid option
> here.
> 
> https://libvirt.org/formatdomain.html#mtu-configuration does not
> seem to specify that <mtu size='...'/> is unacceptable for LXC
> containers, so I assume this was meant to work.
> 
> This is reproducible in the current 11.2.0-2 in trixie and also
> 11.2.0-3 in experimental.  (I have downgraded back to 11.0.2-2 now)

To clarify, this doesn't work with 11.0.2-2 either, right? So it's
not a regression in trixie compared to bookworm.

Based on a quick look at the code, it seems that the necessary
functionality has only been wired up in the QEMU and Cloud Hypervisor
driver. Someone would have to modify the LXC driver to reach feature
parity.

I recommend that you file an upstream feature requrest here:

  https://gitlab.com/libvirt/libvirt/-/issues

Once you've done so, we can mark this bug as "forwarded".

-- 
Andrea Bolognani <eof at kiyuko.org>
Resistance is futile, you will be garbage collected.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-libvirt-maintainers/attachments/20250601/b2b3d67f/attachment.sig>

More information about the Pkg-libvirt-maintainers mailing list