balena-engine
balena-engine copied to clipboard
balena-os
Container IPs leak out to LAN
We are experiencing an issue where the container IPs are leaking out over onto the LAN.
This was reported by a customer here https://github.com/NebraLtd/helium-miner-software/issues/99 which contains more details.
Is this a known issue? Is there any fix for it?
Possibly related to... https://github.com/docker/for-linux/issues/1126
[pdcastro] This issue has attached support thread https://jel.ly.fish/6a5027d1-5f10-490b-b495-3ff1084b1fb9
@shawaj I've set up a device to capture its network traffic, to see if I can see any packets using the non-masqueraded IPs
I'm just using a simple http server in the container, is the helium-miner doing anything interesting when it comes to network activity?
if not I would let my setup run for a while to see if it happens by itself, right now I don't really have a clue as to what could be the cause for this.
On your end, did you see any kind of pattern to the devices this happens on?
Any luck with debugging this? I'm still having this issue on a regular basis.
@shawaj I've set up a device to capture its network traffic, to see if I can see any packets using the non-masqueraded IPs
I'm just using a simple http server in the container, is the helium-miner doing anything interesting when it comes to network activity?
if not I would let my setup run for a while to see if it happens by itself, right now I don't really have a clue as to what could be the cause for this.
On your end, did you see any kind of pattern to the devices this happens on?
@robertgzr as far as I know, it happens on every device in our fleet.
The helium miner container does do some interesting things to try and get around double-NAT and similar stuff using libp2p https://github.com/helium/erlang-libp2p