Docker Containers unable to reach Internet
Hi there, I have several Docker containers set up in the IP VLAN L3 Mode for isolation purposes with the network name l3vlan.
My Docker host has an IP of 192.168.2.30 and the IP VLAN subnets are:
- 192.168.200.0/24
- 192.168.210.0/24
- 192.168.220.0/24
Testing with an alpine image with `docker run -it --rm --network=l3vlan --name alpinetest alpine` and pinging 8.8.8.8 returns nothing, no response.
Performing traceroute I get the following:
```
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 46 byte packets
 1  192.168.2.1 (192.168.2.1)  0.255 ms  0.189 ms  0.161 ms
 2  * * *
 3  * * *
 4  * * *
 5  * * *
...
```
Looking at the traceroute result, it seems that the packet stopped at the router, so I tried debugging on the router.
Strangely enough, when I head to Security -> Firewall and toggle SPI Firewall or Respond to Pings from WAN to either on or off to let the configuration/service restart, I get intermittent ping results, but once I rerun the ping command, it fails again.
Also, I have already set up the routes as required as shown below.
May I ask what kind of security feature or bug is blocking this request/response?
I would like my containers in L3 VLAN to be able to connect to the Internet for various purposes while fulfilling isolation.
Thanks!