How are these containers networked together? Are you using a Bridges on the host or are you just bringing up new interfaces on the host?
On 07/06/2016 10:24 AM, st...@linuxsuite.org wrote: > Howdy! > > I have a number of containers running. Is it expected that > information about the network of other containers is "visible".. for > example > > the container admn-101 has ip 10.2.3.101 > > [root@admn-101 admn-101]# netstat -an|grep LIST > tcp 0 0 0.0.0.0:514 0.0.0.0:* > LISTEN > tcp 0 0 10.2.3.101:22 0.0.0.0:* > LISTEN > tcp 0 0 0.0.0.0:25 0.0.0.0:* > LISTEN > tcp 0 0 :::514 :::* > LISTEN > unix 2 [ ACC ] STREAM LISTENING 69697909 > @/com/ubuntu/upstart > > The other container on the host has ip 10.5.5.101 > > [root@admn-101 admn-101]# netstat -an > Active Internet connections (servers and established) > Proto Recv-Q Send-Q Local Address Foreign Address > State > tcp 0 0 0.0.0.0:514 0.0.0.0:* > LISTEN > tcp 0 0 10.5.5.101:443 103.14.89.19:10165 > SYN_RECV > tcp 0 0 10.5.5.101:443 114.77.25.146:50649 > SYN_RECV > tcp 0 0 10.5.5.101:443 96.53.94.194:51060 > SYN_RECV > tcp 0 0 10.5.5.101:443 96.53.94.194:51051 > SYN_RECV > tcp 0 0 10.5.5.101:443 122.106.235.197:61016 > SYN_RECV > tcp 0 0 10.5.5.101:443 84.74.55.62:63064 > SYN_RECV > tcp 0 0 10.5.5.101:443 39.110.173.3:6985 > SYN_RECV > tcp 0 0 10.5.5.101:443 96.53.94.194:50958 > SYN_RECV > tcp 0 0 10.5.5.101:443 171.99.169.231:53917 > SYN_RECV > tcp 0 0 10.5.5.101:443 96.53.94.194:51018 > SYN_RECV > tcp 0 0 10.5.5.101:443 116.15.8.112:64049 > SYN_RECV > tcp 0 0 10.5.5.101:443 71.56.250.124:58672 > SYN_RECV > tcp 0 0 10.2.3.101:22 0.0.0.0:* > LISTEN > tcp 0 0 0.0.0.0:25 0.0.0.0:* > LISTEN > tcp 0 0 10.2.3.101:22 10.2.1.2:48356 > ESTABLISHED > tcp 0 0 :::514 :::* > LISTEN > udp 0 0 0.0.0.0:514 0.0.0.0:* > udp 0 0 :::514 :::* > > Why is information about 10.5.5.101 visable??? Is this expected? > shouldn't cgroup limit this visibility?? > > Also iptables in admn-101 logs packets from 10.5.5.101 but only > some??? > > [root@admn-101 admn-101]# tail -f kern > kern.warning: Jul 6 10:22:06 admn-101 kernel:IN= OUT=eth3 SRC=10.5.5.101 > DST=52.0.92.26 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=46910 DF PROTO=TCP > SPT=34378 DPT=443 WINDOW=14600 RES=0x00 SYN URGP=0 > kern.warning: Jul 6 10:22:06 admn-101 kernel:IN= OUT=eth3 SRC=10.5.5.101 > DST=52.7.169.28 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=49586 DF PROTO=TCP > SPT=57832 DPT=443 WINDOW=14600 RES=0x00 SYN URGP=0 > kern.warning: Jul 6 10:22:07 admn-101 kernel:IN= OUT=eth3 SRC=10.5.5.101 > DST=52.7.169.28 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=53263 DF PROTO=TCP > SPT=57856 DPT=443 WINDOW=4600 RES=0x0SNUG= <4>IN= OUT=eth3 SRC=10.5.5.101 > DST=52.0.92.26 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=866 DF PROTO=TCP > SPT=34456 DPT=443 WINDOW=14600 RES=0x00 SYN URGP=0 > kern.info: Jul 6 10:22:12 admn-101 kernel:1209.6LN6 O=x0PE=x0TL6 D673D > RT=TPST366DT43WNO=40 E=x0SNUG= <4>IN= OUT=eth3 SRC=10.5.5.101 > DST=52.7.169.28 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=60707 DF PROTO=TCP > SPT=58190 DPT=443 WINDOW=14600 RES=0x00 SYN URGP=0 > > > > > > root@admn-101 # ifconfig > eth0 Link encap:Ethernet HWaddr 52:D0:AF:B6:9D:16 > inet addr:10.2.3.101 Bcast:10.2.255.255 Mask:255.255.0.0 > inet6 addr: fe80::50d0:afff:feb6:9d16/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:6758 errors:0 dropped:0 overruns:0 frame:0 > TX packets:814 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:1270156 (1.2 MiB) TX bytes:150528 (147.0 KiB) > > eth1 Link encap:Ethernet HWaddr 3E:43:D5:B7:2C:DF > inet addr:10.5.3.101 Bcast:10.5.255.255 Mask:255.255.0.0 > inet6 addr: fe80::3c43:d5ff:feb7:2cdf/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:12 errors:0 dropped:0 overruns:0 frame:0 > TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:828 (828.0 b) TX bytes:468 (468.0 b) > > eth2 Link encap:Ethernet HWaddr EA:78:BC:50:BD:CF > inet addr:10.1.3.101 Bcast:10.1.255.255 Mask:255.255.0.0 > inet6 addr: fe80::e878:bcff:fe50:bdcf/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:122 errors:0 dropped:0 overruns:0 frame:0 > TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:13242 (12.9 KiB) TX bytes:468 (468.0 b) > > lo Link encap:Local Loopback > inet addr:127.0.0.1 Mask:255.0.0.0 > inet6 addr: ::1/128 Scope:Host > UP LOOPBACK RUNNING MTU:65536 Metric:1 > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) > > > _______________________________________________ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users _______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
