Containers causing network stack tot freeze

McNeely · May 13, 2025, 3:37am

TrueNAS Mini XL+ (8-bay) — appears to be discontinued

Running TrueNAS SCALE

Dual 10GbE NICs, plus IPMI

First NIC: Static IP via DHCP

Second NIC: Bridged for two VMs

Previously running 10–12 Docker containers without issue

The Problem
After upgrading to 24.10.2.1 earlier this month, I lost access to the WebUI and both VMs stopped responding. Luckily, I still had IPMI access. I reset the config and got back in, but anytime I tried to restore a previous config, the network interfaces would fail.

Eventually, I figured out that if I:

Restored the config

Stopped and removed all Docker containers

Ran docker system prune -a

…the network interfaces would start working again.

However, I’ve now discovered that running more than 4 Docker containers at once causes the system to freeze. It doesn’t matter which containers — anything beyond 4 triggers the issue.

Tried Upgrading to 25.04 — Got Worse
Hoping the issue was fixed, I upgraded to 25.04 this past Friday. Unfortunately:

Network interfaces no longer respond, even with all Docker containers stopped

Had to rebuild the entire config from scratch again

Still limited to only 4 containers — any more causes the same freeze

Even with the WebUI working again, I often have to manually reboot the VMs to get them responsive. Also, system graphs don’t show any spikes or odd behavior during these freezes. Most activity is during the night (maintenance windows), but still nothing heavy enough to explain this.

Looking for Ideas
Has anyone else run into issues like this after the recent updates?
Any suggestions for diagnostic steps or logs to check that might point me in the right direction?

JohnnyM · May 13, 2025, 4:21am

This is possibly similar to the problems I’ve been facing.

Is there anything in your logs that gives any clues?

In my case there isn’t.

What 10gb nics are in your machine?

Can you access the box at the console using dp or hdmi port after it freezes?

I can’t.

Whatever my issue is it got a lot worse after upgrading to 25.04.

pmh · May 13, 2025, 8:52am

Maybe the IP address in your LAN is overlapping with the Docker network?

McNeely · May 13, 2025, 8:14pm

they’re close but they don’t appear to overlap.

pmh · May 13, 2025, 8:24pm

Could you post both with the respective netmasks?

McNeely · May 13, 2025, 9:07pm

Docker: 172.17.0.0/12
Lan: 172.16.0.0/18

neofusion · May 13, 2025, 9:27pm

Doesn’t the 172.17.0.0/12 network start at 172.16.0.1 and end on 172.31.255.254?

McNeely · May 14, 2025, 12:32am

172.16.0.0/18 is 172.16.0.1 to 172.16.255.254
172.17.0.0/12 is 172.0.0.1 to 172.255.255.254
They don’t overlap but also the docker network is not bridged so these should not be exposed outside the docker network.

pmh · May 14, 2025, 7:24am

Your calculations are not quite correct.

172.17.0.0/12 is actually 172.16.0.0/12 = 172.16.0.0 - 172.31.255.255

That’s the entire “historic class B” range in RFC 1918.

172.16.0.0/18 is 172.16.0.0 - 172.16.63.255

Here’s a calculator that can help you with that:

So they do overlap.

Solution pick something outside the docker range for your LAN or change the docker range or both.