Not run on MacOS M1 well

[kdamsmt]

Hi,

I try multipass but i can't start even the primary.

I try to create new instance but it seem like unknown.

I try to remove the app few time and reinstall but not help and it keep like that.

[luis4a0]

Hi @kdamsmt! Thanks for reporting. Please attach the logs to the report as described here.

[townsend2010]

Hi @kdamsmt!

Could you please provide logs as requested by @luis4a0? We will be closing this issue soon if we don't hear back from you. Thanks!

[markmiro]

I think I'm having the same issue.

Chip: Apple M1 Pro macOS: Sonoma 14.4.1 Multipass version: 1.13.1+mac

I also tried reinstalling via both homebrew and the installer. After opening the shell, it would take a long time to start and then I get something like this:

Here's my logs: multipassd.log

[luis4a0]

Hi @markmiro, thanks for reporting. Everything looks good in your logs, but the instance cannot be reached by SSH. Do you have some VPN or network software running? Do you use the macOS firewall? Do you have some network software like VPN running? Thanks!

[markmiro]

Hi @markmiro, thanks for reporting. Everything looks good in your logs, but the instance cannot be reached by SSH. Do you have some VPN or network software running? Do you use the macOS firewall? Do you have some network software like VPN running? Thanks!

yeah I've got:

• Tailscale (which shows up as a VPN)
• And I got the the macOS default firewall with these settings:

[luis4a0]

Thanks! I think Tailscale is blocking Multipass. Can you please check if disabling it makes Multipass work again? Thanks!

[markmiro]

just did a few tests

• restarting computer with macOS firewall off and no tailscale works (shell opens and logs in)
• turning the firewall on once the multipass shell is open still lets me run commands
• stopping and then starting with firewall on (and tailscale still off) has the shell starting for a while and then with the error "primary: timed out waiting for response"

btw now I'm running these experiments against an older multipass 1.12.2 that I installed via this guide.

not sure how multipass worked for me in the past since I've had both the firewall on and tailscale too

[luis4a0]

Ok, the first thing would be to add a rule in the firewall to let Multipass allow incoming connections.

The second thing is that currently we do not support running through a VPN (external networking issues we cannot control, see #2387 for a long discussion about this). But maybe the fix above make Multipass work with Tailscale, I don't know the internals of this software. And we don't know the internals of the macOS firewall, we do know that something changed lastly and we started to have user issues about that.

Finally, the third thing is that nothing changed about SSH connections between 1.12 and 1.13 (but we always recommend running the last version from https://multipass.run/download/macos .

Please let me know if adding the rule to the firewall made everything work. Thanks!

[markmiro]

I added a rule with firewall on, restarted my mac, tailscale is off, and multipass shell still gave me "primary: timed out waiting for response" after a few minutes 😭

[townsend2010]

Hi @markmiro,

Looking at the logs you provided earlier, it really looks like the firewall is blocking. Did you add a firewall rule for bootpd? This is the process (a macos process for that matter) that tends to get blocked by the firewall and causes this havoc. Otherwise, as an experiment, try disabling the firewall just to see if it starts working. If it does, then the firewall is to blame.

[markmiro]

@townsend2010 thanks for the tip! I just tried to add it. And you're right that disabling the firewall completely does make multipass work, though I don't wanna do that.

But how would I add bootpd?

I tried running bootpd (it's not found on my system)

bootpd
zsh: command not found: bootpd

And it's not in homebrew. I'm not famliar with the tool. If I was able to find it, I don't think I'd be able to add it in the macOS networking tab's GUI anyways.

But I was able to find a GH issue from another project on how to add something via the terminal here

[townsend2010]

@markmiro,

Please see https://github.com/canonical/multipass/issues/2387#issue-1093663351 where it says "Update". This is a loooooong, drawn out problem unfortunately.

[markmiro]

I just tried a few things from https://github.com/canonical/multipass/issues/2387#issue-1093663351 and no luck!

I had some duplicates in /var/db/dhcpd_leases, I removed them. However, there was only one primary instance anyways.

I also ran this:

/usr/libexec/ApplicationFirewall/socketfilterfw --add /usr/libexec/bootpd
/usr/libexec/ApplicationFirewall/socketfilterfw --unblock /usr/libexec/bootpd

Then rebooted. Still the same issue "primary: timed out waiting for response"

I then ran the bootpd commands above with sudo and this time the second command returned "Incoming connection to the application is permitted" instead of "The application is not part of the firewall"

I might have to reboot again? I don't see bootpd in the network tab.

In any case, I'm trying to start a multipass shell again to see if that fixed it.

For now, I'm using orbstack to run a vm on my machine and experimenting with lima. So it's not urgent to fix atm.

[markmiro]

Oh that worked!

I guess I had to use sudo

I still don't see bootpd here though.

[ricab]

Hi @markmiro, glad you got it working :slightly_smiling_face:

I don't know why bootpd doesn't show up in that GUI, maybe it's because it is an internal macOS daemon and they don't expect to have those? All this bootpd/firewall interaction feels a bit like mac bug land, so I am not sure.

But yeah, many people have reported that those socketfilterfw commands is what they need to get past this. Unfortunately some report they need to run this after each boot.

There are many discussions regarding this matter in #2387 so closing this one as duplicate. Please reopen if you find something else is going on.

[ricab]

Duplicate of #2387