On Wednesday 09 of November 2016 01:33:55 Saint Michael wrote:
> Now suppose I have a machine, not a container, in the same broadcast domain
> as the containers, same subnet.
> It cannot ping or ssh into a container, which is accessible from outside my
> network.
> However, from inside the container the packets come and go perfectly, when
> the connection is originated by the container.
> A container can ping that host I mentioned, but the host cannot ping back
> the container.
Assuming you have container on host and external machine,
if you can:
machine ~]$ ping container
but not (if I understand correctly):
container ~]$ ping machine
compare (tcpdump -e icmp -n ) of both pings on machine and host to see if
they are different?
check if they do not get filtered by rp_filter
sysctl -a | grep [.]rp_filter
--
Mateusz Korniak
"(...) mam brata - poważny, domator, liczykrupa, hipokryta, pobożniś,
krótko mówiąc - podpora społeczeństwa."
Nikos Kazantzakis - "Grek Zorba"
_______________________________________________
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users
