LXD – UFW Configuration Ubuntu 22.04

No IP address in LXD containers and VMs after upgrading to Ubuntu 22.04? This may be due to changes in UFW.

You can follow the guide from the official website to allow lxdbr0 traffic.

sudo ufw allow in on lxdbr0
sudo ufw route allow in on lxdbr0
sudo ufw route allow out on lxdbr0

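But I prefer adding the rules directly to before.rules. Unlike the blanket allow in on lxdbr0 rule above, the input and output rules below admit only ICMP, DNS (port 53) and DHCP (port 67) on the bridge:

sudo nano /etc/ufw/before.rules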

Add the following rules before the COMMIT line.

# Allow LXD Ports
# Input
-A ufw-before-input -i lxdbr0 -p icmp -m icmp --icmp-type 12 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw-before-input -i lxdbr0 -p icmp -m icmp --icmp-type 11 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw-before-input -i lxdbr0 -p icmp -m icmp --icmp-type 3 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw-before-input -i lxdbr0 -p tcp -m tcp --dport 53 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw-before-input -i lxdbr0 -p udp -m udp --dport 53 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw-before-input -i lxdbr0 -p udp -m udp --dport 67 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
# Forward
-A ufw-before-forward -o lxdbr0 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw-before-forward -i lxdbr0 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
# Output
-A ufw-before-output -o lxdbr0 -p icmp -m icmp --icmp-type 12 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw-before-output -o lxdbr0 -p icmp -m icmp --icmp-type 11 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw-before-output -o lxdbr0 -p icmp -m icmp --icmp-type 3 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw-before-output -o lxdbr0 -p tcp -m tcp --sport 53 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw-before-output -o lxdbr0 -p udp -m udp --sport 53 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw-before-output -o lxdbr0 -p udp -m udp --sport 67 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT

For IPv6 support:

sudo nano /etc/ufw/before6.rules

Add the following rules before the COMMIT line.

# Allow LXD Ports
# Input
-A ufw6-before-input -i lxdbr0 -p ipv6-icmp -m icmp6 --icmpv6-type 143 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-input -i lxdbr0 -p ipv6-icmp -m icmp6 --icmpv6-type 136 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-input -i lxdbr0 -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-input -i lxdbr0 -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-input -i lxdbr0 -p ipv6-icmp -m icmp6 --icmpv6-type 4 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-input -i lxdbr0 -p ipv6-icmp -m icmp6 --icmpv6-type 3 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-input -i lxdbr0 -p ipv6-icmp -m icmp6 --icmpv6-type 2 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-input -i lxdbr0 -p ipv6-icmp -m icmp6 --icmpv6-type 1 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-input -i lxdbr0 -p tcp -m tcp --dport 53 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-input -i lxdbr0 -p udp -m udp --dport 53 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-input -i lxdbr0 -p udp -m udp --dport 547 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
# Forward
-A ufw6-before-forward -o lxdbr0 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-forward -i lxdbr0 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
# Output
-A ufw6-before-output -o lxdbr0 -p ipv6-icmp -m icmp6 --icmpv6-type 143 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-output -o lxdbr0 -p ipv6-icmp -m icmp6 --icmpv6-type 136 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-output -o lxdbr0 -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-output -o lxdbr0 -p ipv6-icmp -m icmp6 --icmpv6-type 134 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-output -o lxdbr0 -p ipv6-icmp -m icmp6 --icmpv6-type 128 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-output -o lxdbr0 -p ipv6-icmp -m icmp6 --icmpv6-type 4 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-output -o lxdbr0 -p ipv6-icmp -m icmp6 --icmpv6-type 3 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-output -o lxdbr0 -p ipv6-icmp -m icmp6 --icmpv6-type 2 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-output -o lxdbr0 -p ipv6-icmp -m icmp6 --icmpv6-type 1 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-output -o lxdbr0 -p tcp -m tcp --sport 53 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-output -o lxdbr0 -p udp -m udp --sport 53 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT
-A ufw6-before-output -o lxdbr0 -p udp -m udp --sport 547 -m comment --comment "generated for LXD network lxdbr0" -j ACCEPT

Restart UFW, then check your firewall rules with iptables -S (and ip6tables -S for the IPv6 rules).

sudo ufw disable && sudo ufw enable
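The "add before the COMMIT line" step can be scripted so that it is repeatable and lands in the right table. This is an added example, not part of the original post: the function names, the snippet file and the sample before.rules content are constructed, and it assumes the rules file marks tables with lines such as *filter and closes each with COMMIT.

```shell
#!/bin/sh
# Added example (not from the original post); names and sample data are constructed.
MARKER='generated for LXD network lxdbr0'

# insert_lxd_rules RULES_FILE SNIPPET_FILE
# Returns 0 = inserted, 1 = already present, 2 = no *filter COMMIT or write error.
insert_lxd_rules() {
    rules=$1; snippet=$2
    # Idempotence: the comment string carried by every rule doubles as a marker.
    if grep -qF -- "$MARKER" "$rules"; then
        return 1
    fi
    tmp=$(mktemp) || return 2
    # Track the current table; only the COMMIT that closes *filter receives
    # the snippet, so an extra *nat or *mangle section is left untouched.
    awk -v snip="$snippet" '
        /^\*/ { table = $1 }
        $1 == "COMMIT" && table == "*filter" && !done {
            while ((getline line < snip) > 0) print line
            close(snip); done = 1
        }
        { print }
        END { exit (done ? 0 : 3) }
    ' "$rules" > "$tmp" || { rm -f "$tmp"; return 2; }
    # Keep a backup, then overwrite in place so owner and mode are preserved.
    cp -p "$rules" "$rules.bak" && cat "$tmp" > "$rules" \
        || { rm -f "$tmp"; return 2; }
    rm -f "$tmp"
    return 0
}

# make_sample DIR: write a constructed before.rules (with an extra *nat table)
# and a one-rule snippet into DIR so the function can be tried offline.
make_sample() {
    printf '%s\n' '*nat' ':POSTROUTING ACCEPT [0:0]' 'COMMIT' \
        '*filter' ':ufw-before-input - [0:0]' \
        '-A ufw-before-input -i lo -j ACCEPT' 'COMMIT' > "$1/before.rules"
    printf '%s\n' '# Allow LXD Ports' \
        "-A ufw-before-input -i lxdbr0 -p udp -m udp --dport 67 -m comment --comment \"$MARKER\" -j ACCEPT" \
        > "$1/lxd.snippet"
}
```

Run insert_lxd_rules as root against /etc/ufw/before.rules (and against before6.rules with the IPv6 snippet), then restart UFW as shown above.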
