Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dual ISP policy routing appears to have broken docker networking for mail-receiver for community.osm.org #1200

Closed
Firefishy opened this issue Dec 23, 2024 · 4 comments
Closed

Dual ISP policy routing appears to have broken docker networking for mail-receiver for community.osm.org #1200

Firefishy opened this issue Dec 23, 2024 · 4 comments
Labels
container

Comments

@Firefishy
Copy link
Member

The mail-receiver container for community.osm.org is unable to connect to the IPs for community.osm.org

Likely an issue with policy routing or similar.
@Firefishy
Copy link
Member Author

As a workaround I have manually host hacked community.openstreetmap.org in the container to point to 172.17.0.4 (Docker special IP for host)

@Firefishy
Copy link
Member Author

This appears to fix the routing issue:

sudo ip route add 172.17.0.0/16 dev docker0 table 100

Need to backport it into chef.

@tomhughes
Copy link
Member

tomhughes commented Dec 31, 2024
edited
Loading

Ah so it's actually the route back to 172.17 that is the problem, not the outgoing route from from 172.17 to the public address. That explains why I was having so much trouble fixing it.

I suspect that an additional rule would also work:

sudo ip rule add to 172.17.0.0/16 table main priority 50

@tomhughes
Copy link
Member

Yes that seems to work so I've implemented it in openstreetmap/chef@e397f00.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
container
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tomhughes @Firefishy