Public | Automated Build

Last pushed: 7 months ago
Short Description
tshark alpine eth1
Full Description
  • Vultr.com - MACVLAN bridging issue

    |-------------------------------+--------------------------------+---------------------|
    | host0 | vultr bridge (private network) | host1 |
    |-------------------------------+--------------------------------+---------------------|
    | CoreOS | | CoreOS |
    | | | |
    | eth1 10.99.0.254/24 | <- proper connectivity -> | eth1 10.99.0.220/24 |
    | Docker MACVLAN 10.99.0.100/24 | <-X no connectivity X-> | eth1 10.99.0.220/24 |
    | | <-X visible arp traffic X-> | |
    |-------------------------------+--------------------------------+---------------------|

    In words: Host0 is running CoreOS with two eth interfaces, eth0 is a public IP (of no interest to us) and eth1 is a private network.
    There is a docker container with eth0 at IP 10.99.0.100/24, that is bridged into host0 eth1 with macvlan.
    This container tries to ping host1 eth1 interface and fails.

    The failure occurs only on vultr.com, any other KVM instance works as expected, ie: Containers can communicate with each other and with host instances.

  • How to reproduce:

    1. Clone this repo and alter ssh keys.
    2. Boot a couple of instances with private network in the same region, use host0.ipxe and host1.ipxe respectively, ie:

    #+BEGIN_SRC shell :results drawer :noweb yes
    ssh core@host0 docker exec macvlan-test ping -c 3 10.99.0.220

    92 bytes from b23b29a70fdb (10.99.0.100): Destination Host Unreachable

    92 bytes from b23b29a70fdb (10.99.0.100): Destination Host Unreachable

    92 bytes from b23b29a70fdb (10.99.0.100): Destination Host Unreachable

    #+END_SRC

    #+BEGIN_SRC shell :results drawer
    ssh core@host1 docker logs tshark

    02:42:0a:63:00:64 ? Broadcast ARP 42 Who has 10.99.0.220? Tell 10.99.0.100

    5a:00:00:60:2b:5b ? 02:42:0a:63:00:64 ARP 42 10.99.0.220 is at 5a:00:00:60:2b:5b

    02:42:0a:63:00:64 ? Broadcast ARP 42 Who has 10.99.0.220? Tell 10.99.0.100

    5a:00:00:60:2b:5b ? 02:42:0a:63:00:64 ARP 42 10.99.0.220 is at 5a:00:00:60:2b:5b

    02:42:0a:63:00:64 ? Broadcast ARP 42 Who has 10.99.0.220? Tell 10.99.0.100

    5a:00:00:60:2b:5b ? 02:42:0a:63:00:64 ARP 42 10.99.0.220 is at 5a:00:00:60:2b:5b

    #+END_SRC

  • Notes
    Originally submitted as Docker issue [[https://github.com/docker/docker/issues/31995][#31995]]
    After booting this config on my local KVM and seeing it work perfectly, it was obvious that docker / coreOS has nothing to do with it.

Docker Pull Command
Owner
voobscout
Source Repository

Comments (0)