A container is not accessible on the network:
ping attempt from a Windows machine returns
request timed out
- ping attempt from the node or another Linux host does not return anything and reports 100% packet loss
iptables are incorrectly configured inside the container.
Check the configuration of
iptables inside the problematic container.
An example of a problem - wrongly set default policies of all chains:
[root@vz ~]# vzctl exec $CTID iptables -S -P INPUT DROP -P FORWARD DROP -P OUTPUT DROP
Here, any traffic received in the container is getting silently dropped.
If the DROP policy has not been configured intentionally, change the policy for the necessary chains by executing the following commands inside the container:
[root@vz ~]# vzctl exec $CTID iptables --policy INPUT ACCEPT [root@vz ~]# vzctl exec $CTID iptables --policy OUTPUT ACCEPT [root@vz ~]# vzctl exec $CTID iptables --policy FORWARD ACCEPT