Since today (April 9, 2026), outbound IPv4 connectivity from app containers is broken. Nothing was changed on our side. Restoring an n8n backup from several days ago did not fix the issue.

Symptoms:

• Workflows using Pipedrive (and Webflow) fail with: "The host is unreachable, perhaps the server is offline"
• Logs show: connect EHOSTUNREACH 172.67.68.102:443 and connect EHOSTUNREACH 104.18.188.228:443
• Error also appears for community nodes fetching: Error while fetching community nodes: connect EHOSTUNREACH 172.67.68.102:443

Diagnosis performed:

1. DNS is working — after fixing the upstream DNS (changed from OVH DNS 213.186.33.99 to 1.1.1.1 on ens3/ens4), nslookup api.pipedrive.com resolves correctly from inside the container.

2. IPv6 works, IPv4 does not — curl https://api.pipedrive.com succeeds via IPv6 but curl -4 https://api.pipedrive.com fails with "No route to host" from inside the container.

3. Host can reach the IPs fine — ping 172.67.68.102 and ping 104.18.188.228 both succeed from the host.

4. Container network looks correct:

   • Default route: default via 172.18.0.1 dev eth0
   • Container IP: 172.18.18.25/16

5. iptables / NAT look correct:

   • MASQUERADE rule exists for 172.18.0.0/16 → !br-c372a117c03f
   • cloudron_blocklist ipset is nearly empty (8 entries), does not contain Cloudflare IPs
   • DOCKER-CT, DOCKER-FORWARD, DOCKER-USER chains reviewed — nothing obviously blocking

6. The issue seems to affect all app containers for external IPv4, not just n8n.

Question: Did something change on the Cloudron platform side today (routing, iptables rules, network configuration) that could explain why IPv4 forwarding from containers to external IPs stopped working, while IPv6 remains functional?

Host info:

• Cloudron host ID: 9fa34633-859b-460d-a883-d1d3f5030f54-0
• Affected app container: 53ed2453-c0d6-49ca-96f9-666104462c2f (n8n)
• VPS provider: OVH / OpenStack

Please let us know what to check next or if a platform-level fix is needed.

Thank you.