UDP port forwarding fails in one direction
Description
This is perhaps an upstream issue, but it took me way too many hours to figure out that Colima/Lima drops UDP packets that are otherwise properly port forwarded in nerdctl compose as they reach the lima machine.
Related issues:
- https://github.com/abiosoft/colima/issues/255
- https://github.com/lima-vm/lima/issues/366
Version
Colima Version: colima version HEAD-9575e08
Lima Version: limactl version 0.15.1
Qemu Version: qemu-img version 8.0.0
Operating System
- [ ] macOS Intel <= 12 (Monterey)
- [ ] macOS Intel >= 13 (Ventura)
- [ ] macOS M1 <= 12 (Monterey)
- [X] macOS M1 >= 13 (Ventura)
- [ ] Linux
Output of colima status
INFO[0000] colima is running using QEMU
INFO[0000] arch: aarch64
INFO[0000] runtime: containerd
INFO[0000] mountType: sshfs
Reproduction Steps
- spin up an alpine container with
  nerdctl run -p 1234:1234/udp -it alpine ash
  nc -ul -p 1234
- (new terminal on host)
  nc -u localhost 1234
- Attempt to send data [connection terminated on host]
- nc -ul 1234 (Mac version of nc does not use the -p)
- (on alpine container) Ctrl-C to end listener and run
  nc -u host.docker.internal 1234
- Send data from both terminals and see data received on other
Expected behaviour
Data is transmitted in both directions across forwarded UDP ports
Additional context
I'm using a more recent version of nerdctl than the current version of Colima since the nerdctl errors are much clearer in the most recent release.
Still present with version:
colima version v0.5.6
git commit: ceef812c32ab74a49df9f270e048e5dced85f932
runtime: docker
arch: x86_64
client: v24.0.6
server: v23.0.6
Been having the same problem with a TFTP server (colima version 0.5.5).
I also have a blocker, dnsmasq is not working as the exposed UDP port never works.
Assuming this issue is blocked on the upstream support in lima, would it be possible in the interim to somehow add error output (even if it's not the correct error) that would be reported by docker to indicate UDP forwarding is not working?
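A round-trip check for the reproduction in this issue, as an added example that is not part of the original thread and is not Colima or Lima code: because nc reports nothing when a forwarded datagram is dropped, the probe sends a payload and reports whether an echo returns. The function names, payload and timeouts are assumptions, and the self-test runs on constructed loopback sockets only.

```python
import socket
import threading

def echo_server(sock, stop):
    """Echo each datagram to its sender (run this side in the container)."""
    sock.settimeout(0.2)
    while not stop.is_set():
        try:
            data, peer = sock.recvfrom(2048)
        except socket.timeout:
            continue
        sock.sendto(data, peer)

def probe(host, port, payload=b"udp-probe", timeout=1.0, attempts=3):
    """Return 'ok' if the echo comes back, else 'refused' or 'no-reply'."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))  # connected socket surfaces ICMP port-unreachable
        for _ in range(attempts):
            try:
                s.send(payload)
                if s.recv(2048) == payload:
                    return "ok"
            except socket.timeout:
                continue  # request or reply was silently dropped
            except ConnectionRefusedError:
                return "refused"  # nothing is listening on that port
    return "no-reply"

def self_test():
    """Constructed loopback run: one echoing port, one port that never answers."""
    echo = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    echo.bind(("127.0.0.1", 0))
    silent = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)  # stands in for a dropped path
    silent.bind(("127.0.0.1", 0))
    stop = threading.Event()
    worker = threading.Thread(target=echo_server, args=(echo, stop), daemon=True)
    worker.start()
    try:
        good = probe("127.0.0.1", echo.getsockname()[1], timeout=0.5)
        bad = probe("127.0.0.1", silent.getsockname()[1], timeout=0.2, attempts=2)
    finally:
        stop.set()
        worker.join()
        echo.close()
        silent.close()
    return good, bad

if __name__ == "__main__":
    print(self_test())
```

To use it against the setup above, run `echo_server` in the container on a socket bound to `0.0.0.0:1234` and call `probe("localhost", 1234)` on the host; `no-reply` means the datagram or its echo was lost along the forwarded path.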