Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Linux Forums > Linux - Containers
User Name
Linux - Containers This forum is for the discussion of all topics relating to Linux containers. Docker, LXC, LXD, runC, containerd, CoreOS, Kubernetes, Mesos, rkt, and all other Linux container platforms are welcome.


  Search this Thread
Old 11-17-2016, 07:45 AM   #1
Registered: Oct 2004
Location: USA
Distribution: Fedora 25;CentOS 7; Kubuntu; Debian
Posts: 860

Rep: Reputation: 37
LXC Container can ping itself and host, but not LAN or Internet

I am trying to setup a Linux Container using bridged networking.

Here's how I setup my bridge:

Here's how I installed the container:

When I use lxc-attach -n lemmy to get into the container, I don't have internet access within the container.

Did I forget an easy step?

This is running in a KVM VM that is using macvtap and that the VM itself is able to access the net.

Other relevant info/things I've done to try and debug the problem.

Host OS: Fedora 24.
VM: CentOS 7 - named Airship
Inside of Airship, a container - named Lemmy.

First round of debugging:
I started the VM - Airship.
Logged into Airship as root.
ping works.
lxc-start -n lemmy -d
lxc-attach -n lemmy

Now I'm inside the container.

gets me "connect: Network is unreachable"

So I did an ip a and it looks like the interface isn't up.
Did a check of systemctl status network.service and apparently it was in a failed state.
When I tried a systemctl start network.service it just stays there without seeming to finish.

Second round of debugging:
When I did a systemctl status network.service - it looks like it was stalling on trying to get a DHCP address.
So I edited the following file:


To have:

So now it comes up and has an IP address. But I can't reach anyone local or internet.

Dmesg shows:

[ 3932.778454] virbr0: port 2(vethFXTSQ3) entered forwarding state
[ 4089.412588] virbr0: received packet on eth0 with own address as source address

It can ping itself and the host.

[root@lemmy ~]# ping
PING ( 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=64 time=0.030 ms
64 bytes from icmp_seq=2 ttl=64 time=0.034 ms
64 bytes from icmp_seq=3 ttl=64 time=0.019 ms
64 bytes from icmp_seq=4 ttl=64 time=0.031 ms
[root@lemmy ~]# ping
PING ( 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=64 time=0.085 ms
64 bytes from icmp_seq=2 ttl=64 time=0.047 ms
But if I try my local DNS:
[root@lemmy ~]# ping
PING ( 56(84) bytes of data.
From icmp_seq=1 Destination Host Unreachable
From icmp_seq=2 Destination Host Unreachable
From icmp_seq=3 Destination Host Unreachable
Other things you might ask for:

[root@airship ~]# lxc-info -n lemmy
Name: lemmy
PID: 3802
CPU use: 0.18 seconds
BlkIO use: 92.50 KiB
Memory use: 1.11 MiB
KMem use: 0 bytes
Link: vethFXTSQ3
TX bytes: 3.24 KiB
RX bytes: 54.10 KiB
Total bytes: 57.34 KiB
and on the VM hosting the container:

[root@airship ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet scope host lo
   valid_lft forever preferred_lft forever
inet6 ::1/128 scope host 
   valid_lft forever preferred_lft forever
2: ens4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:3d:99:5c brd ff:ff:ff:ff:ff:ff
inet brd scope global dynamic ens4
   valid_lft 2308sec preferred_lft 2308sec
inet6 fe80::5054:ff:fe3d:995c/64 scope link 
   valid_lft forever preferred_lft forever
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master virbr0 state UP qlen 1000
link/ether 52:54:00:64:f5:67 brd ff:ff:ff:ff:ff:ff
4: virbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 52:54:00:64:f5:67 brd ff:ff:ff:ff:ff:ff
inet brd scope global virbr0
   valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe64:f567/64 scope link 
   valid_lft forever preferred_lft forever
8: vethFXTSQ3@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master virbr0 state UP qlen 1000
link/ether fe:6f:c5:df:0e:e1 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::fc6f:c5ff:fedf:ee1/64 scope link 
   valid_lft forever preferred_lft forever

[root@airship ~]# brctl show
bridge name bridge id           STP enabled interfaces
virbr0      8000.52540064f567      no         eth0 

Last edited by DJOtaku; 11-17-2016 at 07:48 AM.
Old 11-23-2016, 04:02 AM   #2
Senior Member
Registered: Sep 2009
Location: Raleigh, NC
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,861
Blog Entries: 36

Rep: Reputation: 459Reputation: 459Reputation: 459Reputation: 459Reputation: 459
Likely an iptables routing issue.
Old 05-06-2019, 03:43 AM   #3
LQ Newbie
Registered: May 2019
Posts: 1

Rep: Reputation: 0
sory bro

Last edited by HeatherJLyons; 05-06-2019 at 03:50 AM.


centos, lxc, networking

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
LXC Container: sound Not working charlie101 Linux - Virtualization and Cloud 11 04-14-2020 01:15 AM
[SOLVED] Internet acces for LXC container TWfromSWD Linux - Networking 3 06-14-2016 01:52 PM
[SOLVED] lxc new container how to set password jzoudavy Linux - Newbie 1 09-01-2015 01:52 PM
[SOLVED] [LXC] Slackware 14.1 rc1 - Upgraded host & container Chuck56 Slackware 3 10-16-2013 05:58 AM
[SOLVED] ping gives unknown host error ,ping to LAN address works fine aspiring_stellar Linux - Newbie 10 05-24-2011 03:26 PM > Forums > Linux Forums > Linux - Containers

All times are GMT -5. The time now is 09:40 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration