10.0.1.0/24
Andrew McDermott
andrew.mcdermott at canonical.com
Tue Nov 10 08:38:05 UTC 2015
Hi,
Where did you specify your base range of "10.0.0.0/23"?
On 10 November 2015 at 03:03, Pshem Kowalczyk <pshem.k at gmail.com> wrote:
> Hi,
>
> I've just re-created my environment from MAAS and I noticed that my lxc
> containers can't talk out to the world (but the world could talk back to
> them, for example outbound ICMP would not work, but inbound from a
> different machine on the same L2 broadcast domain - would). That obviously
> broke the provisioning (since the containers couldn't curl anything)
>
> After a little bit of looking around I found this iptables rule (in nat)
> on a host freshly deployed from juju.
>
> Chain POSTROUTING (policy ACCEPT 102 packets, 10926 bytes)
> pkts bytes target prot opt in out source
> destination
> 42 2807 MASQUERADE all -- * * 10.0.1.0/24 !
> 10.0.1.0/24
>
> Since I used a 10.0.0.0/23 as my base range and the LXC containers were
> getting 10.0.1.x/23 addresses this rule ended up NATing all the requests to
> the IP on the host - not good.
>
> What creates this rule and what's it for in the first instance?
>
>
> kind regards
> Pshem
>
>
> --
> Juju mailing list
> Juju at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/juju
>
>
--
Andrew McDermott <andrew.mcdermott at canonical.com>
Juju Core Sapphire team <http://juju.ubuntu.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/juju/attachments/20151110/a1ec60a6/attachment.html>
More information about the Juju
mailing list