[pkg-lxc-devel] Bug#993232: lxc: Cannot add ipv4 gateway for network device "eth0" when not bringing up the interface.

Pierre-Elliott Bécue peb at debian.org
Fri Jan 28 00:19:41 GMT 2022 

Control: tags -1 +moreinfo

Le dimanche 29 août 2021 à 12:23:09+0800, John a écrit :
> Package: lxc
> Version: 1:4.0.10-1
> Severity: normal
> X-Debbugs-Cc: johnw at wonghome.net
> 
> Dear Maintainer,
> 
> *** Reporter, please consider answering these questions, where appropriate ***
> 
> 	After upgraded lxc from 4.0.6-2 to 4.0.10-1. lxc container cannot start.
> 	I find the error with "lxc-start -l trace" like below: 
> 
> 	network.c:lxc_network_setup_in_child_namespaces_common:3894 - Cannot add ipv4 gateway for network device "eth0" when not bringing up the interface
> 	network.c:lxc_setup_network_in_child_namespaces:4038 - Function not implemented - Failed to setup netdev
> 	conf.c:lxc_setup:4080 - Failed to setup network
> 	start.c:do_start:1291 - Failed to setup container "vbox"
> 
> 	If I rollback to 4.0.6-2, everything work fine as before.
> 	If I remove the line "lxc.net.0.ipv4.gateway = 10.0.3.1" in "/var/lib/lxc/vbox/config" (container config),
> 	the container can start again, but result no network , only loopback interface (lo) in container (no eth0 in container).

From where I stand, I'm unable to reproduce:

❯ sudo lxc-create toto -t debian -- -r bullseye
[snip]
❯ sudo service lxc-net start
❯ ip a
[snip]
7: lxcbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 00:16:3e:00:00:00 brd ff:ff:ff:ff:ff:ff
    inet 10.0.3.1/24 brd 10.0.3.255 scope global lxcbr0
       valid_lft forever preferred_lft forever
❯ sudo lxc-ls -f
NAME STATE   AUTOSTART GROUPS IPV4 IPV6 UNPRIVILEGED 
toto STOPPED 0         -      -    -    false        
❯ sudo vim /var/lib/lxc/toto/config
[adding ip conf]
❯ sudo cat /var/lib/lxc/toto/config
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r bullseye
# For additional config options, please look at lxc.container.conf(5)

# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)

lxc.net.0.type = veth
lxc.net.0.hwaddr = 00:16:3e:cb:a1:76
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
lxc.net.0.ipv4.address = 10.0.3.3/24
lxc.net.0.ipv4.gateway = 10.0.3.1
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
lxc.rootfs.path = dir:/var/lib/lxc/toto/rootfs

# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf

# Container specific configuration
lxc.tty.max = 4
lxc.uts.name = toto
lxc.arch = amd64
lxc.pty.max = 1024
❯ sudo lxc-start toto
❯ sudo lxc-ls -f
NAME STATE   AUTOSTART GROUPS IPV4     IPV6 UNPRIVILEGED 
toto RUNNING 0         -      10.0.3.3 -    false        

Please, try creating a new unprivileged container and make some tests
with it, as for what I see, it doesn't seem like LXC is buggy.

Cheers!

-- 
Pierre-Elliott Bécue
GPG: 9AE0 4D98 6400 E3B6 7528  F493 0D44 2664 1949 74E2
It's far easier to fight for principles than to live up to them.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-lxc-devel/attachments/20220128/f9ae6e2e/attachment.sig>

More information about the Pkg-lxc-devel mailing list