[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Clients cannot access the Internet after an OS upgrade.

From: Cliff Pratt
Subject: Clients cannot access the Internet after an OS upgrade.
Date: Sat, 7 Nov 2020 17:38:40 +1300

I'm posting this because it may help someone who ends up in the same situation as I did.

I run Ubuntu and before a recent upgrade, I was running 20.04. I had already installed Qemu and created a number of guests. I also had docker installed as a snap.

I upgraded Ubuntu from 20.04 to 20.10 and my guests stopped working!

After a LOT of digging around, I discovered that Ubuntu has switched to nftables from the legacy iptables portions of Netfilter. There are now two iptables versions - iptables-nft (which is aliased to iptables) and iptables-legacy.

For reasons which I do not understand, the snap docker version uses (or seems to use) the legacy version. It sets the policy of the FORWARD chain to DROP, and this causes the Qemu packets to be dropped.

The solution, for me, was to disable the docker snap for now.

There are obvious holes in the explanation above. Maybe someone with more knowledge of how these things interact with one another could fill in the holes, but the above may help someone.   

My Amazon author page : https://amazon.com/author/cliffpratt

reply via email to

[Prev in Thread] Current Thread [Next in Thread]