Hi, I used 10.0.0.0/23 as my MAAS range.
kind regards Pshem On Tue, 10 Nov 2015 at 21:38 Andrew McDermott < [email protected]> wrote: > Hi, > > Where did you specify your base range of "10.0.0.0/23"? > > On 10 November 2015 at 03:03, Pshem Kowalczyk <[email protected]> wrote: > >> Hi, >> >> I've just re-created my environment from MAAS and I noticed that my lxc >> containers can't talk out to the world (but the world could talk back to >> them, for example outbound ICMP would not work, but inbound from a >> different machine on the same L2 broadcast domain - would). That obviously >> broke the provisioning (since the containers couldn't curl anything) >> >> After a little bit of looking around I found this iptables rule (in nat) >> on a host freshly deployed from juju. >> >> Chain POSTROUTING (policy ACCEPT 102 packets, 10926 bytes) >> pkts bytes target prot opt in out source >> destination >> 42 2807 MASQUERADE all -- * * 10.0.1.0/24 ! >> 10.0.1.0/24 >> >> Since I used a 10.0.0.0/23 as my base range and the LXC containers were >> getting 10.0.1.x/23 addresses this rule ended up NATing all the requests to >> the IP on the host - not good. >> >> What creates this rule and what's it for in the first instance? >> >> >> kind regards >> Pshem >> >> >> -- >> Juju mailing list >> [email protected] >> Modify settings or unsubscribe at: >> https://lists.ubuntu.com/mailman/listinfo/juju >> >> > > > -- > Andrew McDermott <[email protected]> > Juju Core Sapphire team <http://juju.ubuntu.com> >
-- Juju mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/juju
