-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rootless kit port forwarder broken with custom slirp4netns cidr #9828
Labels
kind/bug
Categorizes issue or PR as related to a bug.
locked - please file new issue/PR
Assist humans wanting to comment on an old issue or PR with locked comments.
stale-issue
Comments
openshift-ci-robot
added
the
kind/bug
Categorizes issue or PR as related to a bug.
label
Mar 26, 2021
Luap99
added a commit
to Luap99/libpod
that referenced
this issue
Apr 5, 2021
The source ip for the rootlesskit port forwarder was hardcoded to the standard slirp4netns ip. This is incorrect since users can change the subnet used by slirp4netns with `--network slirp4netns:cidr=10.5.0.0/24`. The container interface ip is always the .100 in the subnet. Only when the rootlesskit port forwarder child ip matches the the container interface ip the port forwarding will work. Fixes containers#9828 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
Luap99
added a commit
to Luap99/libpod
that referenced
this issue
Apr 5, 2021
The source ip for the rootlesskit port forwarder was hardcoded to the standard slirp4netns ip. This is incorrect since users can change the subnet used by slirp4netns with `--network slirp4netns:cidr=10.5.0.0/24`. The container interface ip is always the .100 in the subnet. Only when the rootlesskit port forwarder child ip matches the container interface ip the port forwarding will work. Fixes containers#9828 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
Luap99
added a commit
to Luap99/libpod
that referenced
this issue
Apr 5, 2021
The source ip for the rootlesskit port forwarder was hardcoded to the standard slirp4netns ip. This is incorrect since users can change the subnet used by slirp4netns with `--network slirp4netns:cidr=10.5.0.0/24`. The container interface ip is always the .100 in the subnet. Only when the rootlesskit port forwarder child ip matches the container interface ip the port forwarding will work. Fixes containers#9828 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
Luap99
added a commit
to Luap99/libpod
that referenced
this issue
Apr 23, 2021
The source ip for the rootlesskit port forwarder was hardcoded to the standard slirp4netns ip. This is incorrect since users can change the subnet used by slirp4netns with `--network slirp4netns:cidr=10.5.0.0/24`. The container interface ip is always the .100 in the subnet. Only when the rootlesskit port forwarder child ip matches the container interface ip the port forwarding will work. Fixes containers#9828 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
A friendly reminder that this issue had no activity for 30 days. |
github-actions
bot
added
the
locked - please file new issue/PR
Assist humans wanting to comment on an old issue or PR with locked comments.
label
Sep 22, 2023
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
kind/bug
Categorizes issue or PR as related to a bug.
locked - please file new issue/PR
Assist humans wanting to comment on an old issue or PR with locked comments.
stale-issue
Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug
Description
You cannot use a custom slipr4netns cidr together with rootless kit port forwarder. The problem is that the rooltess kit source ip is hard coded to the slirp4netns ip
10.0.2.100
.The slirp4netns port forwarder works:
podman run --rm --network slirp4netns:cidr=10.0.3.0/24,port_handler=slirp4netns -p 8080:80 nginx
Steps to reproduce the issue:
podman run --rm --network slirp4netns:cidr=10.0.3.0/24 -p 8080:80 nginx
curl 127.0.0.1:8080
Describe the results you received:
curl hangs
Describe the results you expected:
curl should get the default nginx page
Additional information you deem important (e.g. issue happens only occasionally):
The same issue as #9065 just that this doesn't involve cni networking.
Output of
podman version
:The text was updated successfully, but these errors were encountered: