rootless kit port forwarder broken with custom slirp4netns cidr #9828
Assignees
Labels
kind/bug
Categorizes issue or PR as related to a bug.
locked - please file new issue/PR
Assist humans wanting to comment on an old issue or PR with locked comments.
stale-issue
Comments
openshift-ci-robot
added
the
kind/bug
Luap99
added a commit
to Luap99/libpod
that referenced
this issue
Apr 5, 2021
The source ip for the rootlesskit port forwarder was hardcoded to the standard slirp4netns ip. This is incorrect since users can change the subnet used by slirp4netns with `--network slirp4netns:cidr=10.5.0.0/24`. The container interface ip is always the .100 in the subnet. Only when the rootlesskit port forwarder child ip matches the the container interface ip the port forwarding will work. Fixes containers#9828 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
Luap99
added a commit
to Luap99/libpod
that referenced
this issue
Apr 5, 2021
The source ip for the rootlesskit port forwarder was hardcoded to the standard slirp4netns ip. This is incorrect since users can change the subnet used by slirp4netns with `--network slirp4netns:cidr=10.5.0.0/24`. The container interface ip is always the .100 in the subnet. Only when the rootlesskit port forwarder child ip matches the container interface ip the port forwarding will work. Fixes containers#9828 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
Luap99
added a commit
to Luap99/libpod
that referenced
this issue
Apr 5, 2021
The source ip for the rootlesskit port forwarder was hardcoded to the standard slirp4netns ip. This is incorrect since users can change the subnet used by slirp4netns with `--network slirp4netns:cidr=10.5.0.0/24`. The container interface ip is always the .100 in the subnet. Only when the rootlesskit port forwarder child ip matches the container interface ip the port forwarding will work. Fixes containers#9828 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
Luap99
added a commit
to Luap99/libpod
that referenced
this issue
Apr 23, 2021
The source ip for the rootlesskit port forwarder was hardcoded to the standard slirp4netns ip. This is incorrect since users can change the subnet used by slirp4netns with `--network slirp4netns:cidr=10.5.0.0/24`. The container interface ip is always the .100 in the subnet. Only when the rootlesskit port forwarder child ip matches the container interface ip the port forwarding will work. Fixes containers#9828 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
A friendly reminder that this issue had no activity for 30 days. |
github-actions
bot
added
the
locked - please file new issue/PR
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug
Description
You cannot use a custom slipr4netns cidr together with rootless kit port forwarder. The problem is that the rooltess kit source ip is hard coded to the slirp4netns ip
10.0.2.100.The slirp4netns port forwarder works:
podman run --rm --network slirp4netns:cidr=10.0.3.0/24,port_handler=slirp4netns -p 8080:80 nginxSteps to reproduce the issue:
podman run --rm --network slirp4netns:cidr=10.0.3.0/24 -p 8080:80 nginxcurl 127.0.0.1:8080Describe the results you received:
curl hangs
Describe the results you expected:
curl should get the default nginx page
Additional information you deem important (e.g. issue happens only occasionally):
The same issue as #9065 just that this doesn't involve cni networking.
Output of
podman version:The text was updated successfully, but these errors were encountered: