Docker - No Outbound Traffic / Bridge Only Works When in Promiscuous Mode

docker linux linux-networking centos7 docker-compose

Thanks to a comment @A.B made, I found the solution.

I believe the main issue was that the br_netfilter module was not loaded:

$ lsmod | grep br_netfilter
$

On another CentOS 7 Docker host (that does not have this problem), the module was loaded:

$ lsmod | grep br_netfilter
br_netfilter           22256  0
bridge                146976  1 br_netfilter

Loading the module by hand wasn't working for me:

$ modprobe br_netfilter
modprobe: FATAL: Module br_netfilter not found.

I read here that br_netfilter was a built-in module until kernel version 3.18.

I discovered that we were excluding the kernel from our updates (I didn't set this server up, so this was news to me).

$ grep exclude /etc/yum.conf
exclude=kernel*

Because of this exclusion, my prior yum updates had not been updating the kernel. I figure the separation of br_netfilter hadn't yet been backported into the kernel we were running.

After running an update without the kernel exclusion in place (yum --disableexcludes=all update kernel) and rebooting, everything started working!

The kernel update took me from 3.10.0-123.9.2.el7.x86_64 to 3.10.0-1127.19.1.el7.

Related

When a website is hit from two different browsers running on same computer. what are the properties that differ?
How to force Dovecot to reindex raw email files?
Multicast not working on macvtap device
Checking python version through ansible results into error
TLS for spesific relayhost on postfix
chrony does not log anything on my ec2 instance
remote desktop access colocated windows server?
Multiple Remote Desktop Connection in Windows Server 2003?
Hybrid Exchange - 3 step deprovisioning necessary when using archive
Can I use "Windows Server Backup function" or "wbadmin" to backup MariaDB?
Is Alpine Linux a bad choice for a server?
NGINX Custom Error page for 504 timeout not working