Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RP no route to exteral network from container - nf_tables #198

Closed
mjudeikis opened this issue Feb 20, 2020 · 1 comment
Closed

RP no route to exteral network from container - nf_tables #198

mjudeikis opened this issue Feb 20, 2020 · 1 comment

Comments

@mjudeikis
Copy link
Contributor

Newest kernel and VM image do not allow external network connectivity from within container:

[root@rp-000000 ~]# podman run -it --rm docker.io/fedora:27 bash                                                                                                                                                                                              
Trying to pull docker.io/fedora:27...                                                                                                                                                                                                                         
Getting image source signatures                                                                                                                                                                                                                               
Copying blob b93b55b43f66 done                                                                                                                                                                                                                                
Copying config f896985854 done                                                                                                                                                                                                                                
Writing manifest to image destination                                                                                                                                                                                                                         
Storing signatures                                                                                                                                                                                                                                            
[root@770ba4d8ec14 /]# curl http://169.254.169.254                                                                                                                                                                                                            
curl: (7) Failed to connect to 169.254.169.254 port 80: No route to host

Where if we disable firewalld, it works. I think it is related to move to nf_tables
containers/podman#3462

Legacy iptables alias do not exist anymore for the fallback

sudo iptables --version
iptables v1.8.2 (nf_tables)

Linux rp-000000 4.18.0-147.5.1.el8_1.x86_64 #1 SMP Tue Jan 14 15:50:19 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

Red Hat Enterprise Linux release 8.1 (Ootpa)
@jim-minter
Copy link
Member

Suggested workaround at https://bugzilla.redhat.com/show_bug.cgi?id=1805212#c7

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jim-minter @mjudeikis