[Touch-packages] [Bug 2053011] Re: lxc-net fails to start when configuring IPV6

Tue, 13 Feb 2024 05:00:45 -0800 

not really bug related, but in case somebody else is playing around with this 
and ends up here: I also needed to add a firewall rule to UFW before DHCP from 
my unprivileged containers started working: 
 ufw allow in on lxcbr0
(this can probably be restricted a bit further to only allow DHCP requests)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/2053011

Title:
  lxc-net fails to start when configuring IPV6

Status in lxc package in Ubuntu:
  New

Bug description:
  Running on Ubuntu 22.04.3 LTS jammy
  lxc-utils:
    Installed: 1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1

  
  When configuring IPV6 on the default lxcbr0 LXC bridge in 
/etc/default/lxc-net, using the following:
  LXC_IPV6_ADDR="fec0:1:1:1::2"
  LXC_IPV6_MASK="64"
  LXC_IPV6_NETWORK="fec0:1:1:1::/64"
  LXC_IPV6_NAT="true"

  The lxc-net service fails to start: systemctl restart lxc-net

  Starting LXC network bridge setup...
  Error: conflicting protocols specified: ip6 vs. ip
                               ^^^^^^^^
  Failed to setup lxc-net.
  lxc-net.service: Main process exited, code=exited, status=1/FAILURE
  lxc-net.service: Failed with result 'exit-code'.
  Failed to start LXC network bridge setup.

  Turns out this is due to a syntax error in 
/usr/lib/x86_64-linux-gnu/lxc/lxc-net on line 174:
  add rule ip6 lxc postrouting ip saddr ${LXC_IPV6_NETWORK} ip daddr != 
${LXC_IPV6_NETWORK} counter masquerade;
  Should mention "ip6 saddr" and "ip6 daddr" in the line, like so:
  add rule ip6 lxc postrouting ip6 saddr ${LXC_IPV6_NETWORK} ip6 daddr != 
${LXC_IPV6_NETWORK} counter masquerade;

  After manually editing the /usr/lib/x86_64-linux-gnu/lxc/lxc-net file
  to include the correct ip6 syntax, lxc-net starts up fine and IPV6
  networking works on my LXC containers.

  This fix seems to already live in the upstream lxc project on github: 
https://github.com/lxc/lxc/commit/4de047f51365cc06a626ee9de49fec5f76556c66#diff-f16b43004d25f547f78c7457ba74cb05eaaa2bcf979dac8173314916ef36e7f4
 and as far as I can tell made it into lxc-utils 5.0.3.
  Unfortunately Ubuntu jammy ships with lxc-utils 5.0.0

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/2053011/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to