10.0.1.0/24
Pshem Kowalczyk
pshem.k at gmail.com
Tue Nov 10 08:51:53 UTC 2015
Hi,
I used 10.0.0.0/23 as my MAAS range.
kind regards
Pshem
On Tue, 10 Nov 2015 at 21:38 Andrew McDermott <
andrew.mcdermott at canonical.com> wrote:
> Hi,
>
> Where did you specify your base range of "10.0.0.0/23"?
>
> On 10 November 2015 at 03:03, Pshem Kowalczyk <pshem.k at gmail.com> wrote:
>
>> Hi,
>>
>> I've just re-created my environment from MAAS and I noticed that my lxc
>> containers can't talk out to the world (but the world could talk back to
>> them, for example outbound ICMP would not work, but inbound from a
>> different machine on the same L2 broadcast domain - would). That obviously
>> broke the provisioning (since the containers couldn't curl anything)
>>
>> After a little bit of looking around I found this iptables rule (in nat)
>> on a host freshly deployed from juju.
>>
>> Chain POSTROUTING (policy ACCEPT 102 packets, 10926 bytes)
>> pkts bytes target prot opt in out source
>> destination
>> 42 2807 MASQUERADE all -- * * 10.0.1.0/24 !
>> 10.0.1.0/24
>>
>> Since I used a 10.0.0.0/23 as my base range and the LXC containers were
>> getting 10.0.1.x/23 addresses this rule ended up NATing all the requests to
>> the IP on the host - not good.
>>
>> What creates this rule and what's it for in the first instance?
>>
>>
>> kind regards
>> Pshem
>>
>>
>> --
>> Juju mailing list
>> Juju at lists.ubuntu.com
>> Modify settings or unsubscribe at:
>> https://lists.ubuntu.com/mailman/listinfo/juju
>>
>>
>
>
> --
> Andrew McDermott <andrew.mcdermott at canonical.com>
> Juju Core Sapphire team <http://juju.ubuntu.com>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/juju/attachments/20151110/9d3f415a/attachment.html>
More information about the Juju
mailing list