Hi On 13-04-2022 10:04, Santiago Ruano Rincón wrote:
Good. But it would be nice to know why it got that not-so-random MAC address. Regular lxc containers populate their initial config from /etc/lxc/default.conf. No idea if autopkgtest-build-lxc does something extra. * verify packets can be routed (NATed) and it's a DNS resolution problem with a ping 128.31.0.62 (or any other public IP)
root@autopkgtest-unstable-riscv64:~# echo >/dev/tcp/130.89.148.77/80 && echo "open"
open So, this seems like a DNS issue. I am missing a lot of tools in the container but while trying I got this: root@autopkgtest-unstable-riscv64:~# resolvectl query deb.debian.org sd_bus_open_system: No such file or directory Does that help in any way?
* verify NAT rules with nft list ruleset. There should be a couple of lxc-related tables. If nft is not available, I think it should be on iptables -L -t nat.
root@unmatched:~# nft list ruleset
table inet lxc {
chain input {
type filter hook input priority filter; policy accept;
iifname "lxcbr0" udp dport { 53, 67 } accept
iifname "lxcbr0" tcp dport { 53, 67 } accept
}
chain forward {
type filter hook forward priority filter; policy accept;
iifname "lxcbr0" accept
oifname "lxcbr0" accept
}
}
table ip lxc {
chain postrouting {
type nat hook postrouting priority srcnat; policy accept;
ip saddr 10.0.3.0/24 ip daddr != 10.0.3.0/24 counter
packets 38 bytes 2260 masquerade
}
}
Paul
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature