[Kernel-packages] [Bug 1605137] Re: Can still ping container IP address after removing container
I'm going to have to put this on the back burner for a while, sorry. I've got a ton of other stuff to do before I can return to this. I want to set up a VM that I can snapshot and destroy for any testing that you need. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1605137 Title: Can still ping container IP address after removing container Status in linux package in Ubuntu: Triaged Bug description: Using version 2.0.3-0ubuntu2~ubuntu16.04.1~ppa1 I created a container, and then put a tagged vlan on top of lxdbr0 so that I can talk to the host and other containers on a second network. I gave the host's lxdbr0.1215 an IP address, and made eth0.1215 in the container also with its own IP address. After removing the container, I can still ping the address on the VLAN! It also responds with duplicates: $ arping -I lxdbr0.1215 192.168.15.20 ARPING 192.168.15.20 from 192.168.15.1 lxdbr0.1215 Unicast reply from 192.168.15.20 [00:16:3E:B1:9B:0C] 0.599ms Unicast reply from 192.168.15.20 [00:16:3E:B1:9B:0C] 0.607ms Unicast reply from 192.168.15.20 [00:16:3E:B1:9B:0C] 0.609ms Unicast reply from 192.168.15.20 [00:16:3E:B1:9B:0C] 0.534ms Unicast reply from 192.168.15.20 [00:16:3E:B1:9B:0C] 0.541ms $ ping 192.168.15.20 PING 192.168.15.20 (192.168.15.20) 56(84) bytes of data. 64 bytes from 192.168.15.20: icmp_seq=1 ttl=64 time=0.108 ms 64 bytes from 192.168.15.20: icmp_seq=1 ttl=64 time=0.126 ms (DUP!) 64 bytes from 192.168.15.20: icmp_seq=1 ttl=64 time=0.144 ms (DUP!) 64 bytes from 192.168.15.20: icmp_seq=2 ttl=64 time=0.051 ms Bizarrely: $ nmap 192.168.15.20 Starting Nmap 7.01 ( https://nmap.org ) at 2016-07-21 19:01 AEST Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn Nmap done: 1 IP address (0 hosts up) scanned in 3.02 seconds (Supplying -Pn shows all ports are closed.) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1605137/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1605137] Re: Can still ping container IP address after removing container
Did this issue start happening after an update/upgrade? Was there a prior kernel version where you were not having this particular problem? Would it be possible for you to test the latest upstream kernel? Refer to https://wiki.ubuntu.com/KernelMainlineBuilds . Please test the latest v4.8 kernel[0]. If this bug is fixed in the mainline kernel, please add the following tag 'kernel-fixed-upstream'. If the mainline kernel does not fix this bug, please add the tag: 'kernel-bug-exists-upstream'. Once testing of the upstream kernel is complete, please mark this bug as "Confirmed". Thanks in advance. [0] http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.8-rc3 ** Changed in: linux (Ubuntu) Importance: Undecided => Medium ** Tags added: kernel-da-key ** Changed in: linux (Ubuntu) Status: Incomplete => Triaged -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1605137 Title: Can still ping container IP address after removing container Status in linux package in Ubuntu: Triaged Bug description: Using version 2.0.3-0ubuntu2~ubuntu16.04.1~ppa1 I created a container, and then put a tagged vlan on top of lxdbr0 so that I can talk to the host and other containers on a second network. I gave the host's lxdbr0.1215 an IP address, and made eth0.1215 in the container also with its own IP address. After removing the container, I can still ping the address on the VLAN! It also responds with duplicates: $ arping -I lxdbr0.1215 192.168.15.20 ARPING 192.168.15.20 from 192.168.15.1 lxdbr0.1215 Unicast reply from 192.168.15.20 [00:16:3E:B1:9B:0C] 0.599ms Unicast reply from 192.168.15.20 [00:16:3E:B1:9B:0C] 0.607ms Unicast reply from 192.168.15.20 [00:16:3E:B1:9B:0C] 0.609ms Unicast reply from 192.168.15.20 [00:16:3E:B1:9B:0C] 0.534ms Unicast reply from 192.168.15.20 [00:16:3E:B1:9B:0C] 0.541ms $ ping 192.168.15.20 PING 192.168.15.20 (192.168.15.20) 56(84) bytes of data. 64 bytes from 192.168.15.20: icmp_seq=1 ttl=64 time=0.108 ms 64 bytes from 192.168.15.20: icmp_seq=1 ttl=64 time=0.126 ms (DUP!) 64 bytes from 192.168.15.20: icmp_seq=1 ttl=64 time=0.144 ms (DUP!) 64 bytes from 192.168.15.20: icmp_seq=2 ttl=64 time=0.051 ms Bizarrely: $ nmap 192.168.15.20 Starting Nmap 7.01 ( https://nmap.org ) at 2016-07-21 19:01 AEST Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn Nmap done: 1 IP address (0 hosts up) scanned in 3.02 seconds (Supplying -Pn shows all ports are closed.) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1605137/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1605137] Re: Can still ping container IP address after removing container
Moving this over to the kernel. The upstream issue is closed for the same reason. The network namespace is somehow still alive despite the container being fully gone (no processes). In the past this has been caused by some problems in the refcount/cleanup code for the network namespace. The intent is that the namespace be destroyed as soon as the last process using it is gone. ** Package changed: lxd (Ubuntu) => linux (Ubuntu) ** No longer affects: lxd -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1605137 Title: Can still ping container IP address after removing container Status in linux package in Ubuntu: Incomplete Bug description: Using version 2.0.3-0ubuntu2~ubuntu16.04.1~ppa1 I created a container, and then put a tagged vlan on top of lxdbr0 so that I can talk to the host and other containers on a second network. I gave the host's lxdbr0.1215 an IP address, and made eth0.1215 in the container also with its own IP address. After removing the container, I can still ping the address on the VLAN! It also responds with duplicates: $ arping -I lxdbr0.1215 192.168.15.20 ARPING 192.168.15.20 from 192.168.15.1 lxdbr0.1215 Unicast reply from 192.168.15.20 [00:16:3E:B1:9B:0C] 0.599ms Unicast reply from 192.168.15.20 [00:16:3E:B1:9B:0C] 0.607ms Unicast reply from 192.168.15.20 [00:16:3E:B1:9B:0C] 0.609ms Unicast reply from 192.168.15.20 [00:16:3E:B1:9B:0C] 0.534ms Unicast reply from 192.168.15.20 [00:16:3E:B1:9B:0C] 0.541ms $ ping 192.168.15.20 PING 192.168.15.20 (192.168.15.20) 56(84) bytes of data. 64 bytes from 192.168.15.20: icmp_seq=1 ttl=64 time=0.108 ms 64 bytes from 192.168.15.20: icmp_seq=1 ttl=64 time=0.126 ms (DUP!) 64 bytes from 192.168.15.20: icmp_seq=1 ttl=64 time=0.144 ms (DUP!) 64 bytes from 192.168.15.20: icmp_seq=2 ttl=64 time=0.051 ms Bizarrely: $ nmap 192.168.15.20 Starting Nmap 7.01 ( https://nmap.org ) at 2016-07-21 19:01 AEST Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn Nmap done: 1 IP address (0 hosts up) scanned in 3.02 seconds (Supplying -Pn shows all ports are closed.) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1605137/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp