Hi; I previously asked this on the Podman mailing list, but I'm not sure if the issue in question is a feature of Podman or Passt (or both), and I got no replies from the Podman list, so I figured I'd try here as well.
We're running some rootless Podman containers set up to use Pasta 2023_03_29.b10b983 for networking. One of the containers needs to access the host machine port 443 with its public IP address, but this causes a Connection Refused error. Any other public IP is accessible normally.
This is specific to the containers; the host has no problem accessing itself with the public IP.
The containers are set up with systemd generators (quadlet), with networking configured very simply:
"Network=pasta:-t,auto,-T,auto"
Podman has a --map-gw option useable with Pasta that seemed like it might help, but it didn't.
"Network=pasta:--map-gw,-t,auto,-T,auto" fails like this at container startup:
Error: failed to start pasta:
Port forwarding mode 'none' conflicts with previous mode
"Network=pasta:-t,auto,-T,auto,--map-gw" started the container fine, but did not fix the Connection Refused error. Apparently --map-gw just isn't the right option here.
I don't know if the inability to contact the public IP is a feature of Podman or Pasta, but I'm hoping you're able to at least narrow it down for me.
Is there a workaround on the Pasta side?
Thanks in advance!
- JK Laiho