On Tue, Sep 10, 2019 at 8:12 PM Jamie Strandboge wrote:
>
> On Tue, 10 Sep 2019, Julian Andres Klode wrote:
>
> > Hi folks,
> >
> > it turns out that lxd is broken by iptables now using the nft
> > based stuff, because lxd is still using the legacy one from
> > inside the snap.
> >
> > This provid
On Tue, 10 Sep 2019, Stéphane Graber wrote:
> For LXD specifically, we think it would take us about 3 weeks of
> engineering work to sort this in a way that can work on all
> distributions, properly detecting and supporting:
> - no nft present
> - nft present but old iptables used
> - nft prese
On Tue, 10 Sep 2019, Jamie Strandboge wrote:
> (but ISTR issues in Debian with > 4.19)
Sorry, meant < 4.19 (ie, 4.17 and 4.18 istr still had some issues)
--
Jamie Strandboge | http://www.canonical.com
signature.asc
Description: PGP signature
--
ubuntu-devel mailing list
ubuntu-de
On Tue, 10 Sep 2019, Julian Andres Klode wrote:
> Hi folks,
>
> it turns out that lxd is broken by iptables now using the nft
> based stuff, because lxd is still using the legacy one from
> inside the snap.
>
> This provides a terrible experience because networking in lxd
> is not working at all
Hi,
I'm strongly on the revert camp. This change landed in the release
pocket after Feature Freeze and effectively causes the majority of
software in the Ubuntu archive to rely on compatibility wrappers to
function.
Those wrappers aren't perfect match for the tools they replace,
causing failures o
Hi folks,
it turns out that lxd is broken by iptables now using the nft
based stuff, because lxd is still using the legacy one from
inside the snap.
This provides a terrible experience because networking in lxd
is not working at all once you enable ufw.
I'd suggest we increase the priority of ip
