containers/netavark

`route_localnet` and podman in podman

Closed this issue · 1 comments

I did investigate running podman-in-podman and podman in Kubernetes a while back.

The last error I faced was CNI trying to write to `/proc/sys/net/ipv4/conf/{}/route_localnet`, which is read-only. Note that when I disabled port mappings, things still worked as expected. I'm not sure what the role of the portmap plugin was.

It's also possible to configure sysctl when running a container with `--sysctl`. So, I can start the outer podman container with `--sysctl net.ipv4.conf.all.route_localnet=1`, and it will be effectively the same (as far as I understand).

Can we add a check for `all.route_localnet` before attempting to set it per-interface? Or an option to ignore failures when trying to set it?

Some(i) => {

Hi, the sysctl is needed to allow port forwarding via 127.0.0.1, so when you have ports we enable it.
Since #333 we check for the sysctl value before writing it. If you set default.route_localnet to 1 it should work with netavark v1.1.0.
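
The check-before-write pattern described in the reply above, as an added sketch that is not netavark's own code: the function and enum names are hypothetical, and the `root` parameter (standing in for `/proc/sys`) and the `eth0` interface are assumptions so the logic can run against a constructed directory.

```rust
use std::fs;
use std::io;
use std::path::{Path, PathBuf};

/// Outcome of the check-then-write step.
#[derive(Debug, PartialEq)]
pub enum Sysctl {
    AlreadySet, // value matched, no write attempted
    Written,    // value differed and was updated
}

/// Build <root>/net/ipv4/conf/<iface>/route_localnet.
/// `root` is /proc/sys on a real host (hypothetical parameter, for testing).
pub fn route_localnet_path(root: &Path, iface: &str) -> io::Result<PathBuf> {
    // Reject names that could escape the conf/ directory.
    if iface.is_empty() || iface.contains('/') || iface == "." || iface == ".." {
        return Err(io::Error::new(io::ErrorKind::InvalidInput, "bad interface name"));
    }
    Ok(root.join("net/ipv4/conf").join(iface).join("route_localnet"))
}

/// Read the current value first and only write when it differs, so a read-only
/// /proc/sys that already holds the wanted value is not treated as an error.
pub fn ensure_route_localnet(root: &Path, iface: &str, want: &str) -> io::Result<Sysctl> {
    let path = route_localnet_path(root, iface)?;
    let current = fs::read_to_string(&path)?;
    if current.trim() == want {
        return Ok(Sysctl::AlreadySet);
    }
    // Value differs: the write is required, and its failure is a real error.
    fs::write(&path, want)?;
    Ok(Sysctl::Written)
}

fn main() -> io::Result<()> {
    // Constructed sample tree standing in for /proc/sys.
    let root = std::env::temp_dir().join(format!("sysctl-demo-{}", std::process::id()));
    let dir = root.join("net/ipv4/conf/eth0");
    fs::create_dir_all(&dir)?;
    fs::write(dir.join("route_localnet"), "1\n")?;
    println!("{:?}", ensure_route_localnet(&root, "eth0", "1")?);
    fs::remove_dir_all(&root)
}
```

When the value differs and the file cannot be written, the error still propagates, so a nested container started without the sysctl pre-set fails loudly instead of silently losing port forwarding via 127.0.0.1.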