<div dir="ltr"><div><div>Luis:<br></div>Much thanks!<br></div>Robert M. Koretsky<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Nov 19, 2015 at 4:52 PM, Luis Michael Ibarra <span dir="ltr"><<a href="mailto:michael.ibarra@gmail.com" target="_blank">michael.ibarra@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><p dir="ltr">Hi all,</p><span class="">
<p dir="ltr">On Nov 19, 2015 6:09 PM, "Robert Koretsky" <<a href="mailto:bobk48@gmail.com" target="_blank">bobk48@gmail.com</a>> wrote:<br>
><br>
> Fajar:<br>
> Thanks for the references to the Ubuntu lxc and the network bridge docs, I will carefully look those over for a solution to my problem. I did look at those docs first, and tried various modifications to the configuration files shown there, but didn't get anywhere. I will look again.<br>
> In VirtualBox, the bridging of the VM adapter to the host adapter is accomplished by a single GUI menu choice.<br>
> In PC-BSD Jails, when creating a new jail, it is a matter of knowing, via ipconfig, what sub-net the host is on (say 192.168.0) then supplying that in jail setup.<br>
> In Solaris Zones, same as PC-BSD JAils.<br>
> I'm a networking newbie, forgive my ignorance.<br>
> Thanks again,<br>
> Sincerely,<br>
> Robert M. Koretsky</p>
</span><p dir="ltr">Robert, this flockport tutorial will help you[1]. I recommend you to learn more about networking(subnetting) and routing to accomplish other topologies than NAT bridge lxcbr0. </p>
<p dir="ltr">Guido gave you a really good explanation about how a bridge works, and so far it's one of the best explanations on this mailing list I've ever seen.</p>
<p dir="ltr">In summary:<br>
1. If you are using a bridge not associated with a host interface(nic) and you want to expose a host:</p>
<p dir="ltr">- Only configure NAT on the host.</p>
<p dir="ltr">2. If you want to connect a host interface to the bridge having communication with the host network(your router and other devices connected to this segment) <if you don't follow read about subnetting>:</p>
<p dir="ltr">- You have to do a few things:<br>
a. Configure the host bridge for the local network (router segment).<br>
b. Assign this bridge to the container config. More info man lxc.container.conf.<br>
c. Configure an ip address to the container, you could do this by the config file for the container or inside the container. Again man lxc.container.conf</p>
<p dir="ltr">Search in the mailing list because this issue has been solved a few times already. </p>
<p dir="ltr">Greetings,<br><br></p>
<p dir="ltr">[1] <a href="https://www.flockport.com/lxc-networking-guide/" target="_blank">https://www.flockport.com/lxc-networking-guide/</a>. </p>
<p dir="ltr"><span class="">><br>
> On Thu, Nov 19, 2015 at 2:43 PM, Fajar A. Nugraha <<a href="mailto:list@fajar.net" target="_blank">list@fajar.net</a>> wrote:<br>
>><br>
>> On Fri, Nov 20, 2015 at 5:04 AM, Robert Koretsky <<a href="mailto:bobk48@gmail.com" target="_blank">bobk48@gmail.com</a>> wrote:<br>
>>><br>
>>> Guido et al:<br>
>>> Another suggestion I got from the Ubuntu Forums on virtualisation gave me a single line that could be added to the iptables configuration( and also some other alternate ways of using and configuring ufw) to achieve a "port forwarding" of a port of interest, like 22, to the container IP 10.0.3.1 from my host IP 192.168.0.6. I am going to try this one-line iptables method, see if it works. More importantly, once my container can be ssh'ed to from my home network, will my host still be reachable. Other than that, I'm not sure what else to do.<br>
>><br>
>><br>
>> How about reading replies of your mail in the other thread you created?<br>
>><br>
>> I'm going to assume it's because somehow you didn't get the replies in your inbox, so I CC your mail as well here.<br>
>> <br>
>>><br>
>>> Believe me, other suggested solutions were either 100-line long bash scripts plus dozens of changes and package downloads, or were completely off base.<br>
>><br>
>><br>
>> You obviously haven't read Ubuntu's lxc documentation. Nor Ubuntu's network bridge documentation (<a href="https://help.ubuntu.com/lts/serverguide/network-configuration.html#bridging" target="_blank">https://help.ubuntu.com/lts/serverguide/network-configuration.html#bridging</a>), which is also linked on lxc documentation page.<br>
>><br>
>> It's NOT 100-line long script. And the required bridge packages is already installed when you install lxc.<br>
>><br>
>>> Again, can anyone tell me why lxcbr0 is configured to start with an IP of 10.0.3.1?<br>
>><br>
>><br>
>> The same reason why virtualbox uses NAT networking for VMs by default.<br>
>> <br>
>>><br>
>>> My Ubuntu 15.10 Desktop machine, which has a container, gets its IP via DHCP from a router.<br>
>><br>
>><br>
>> Assuming you've read the docs, bridging should work.<br>
>><br>
>> The exception is if your desktop connects to LAN via wifi, in which case bridging will NOT work.<br>
>><br>
>> -- <br>
>> Fajar<br>
><br>
><br>
><br></span><span class="">
> _______________________________________________<br>
> lxc-users mailing list<br>
> <a href="mailto:lxc-users@lists.linuxcontainers.org" target="_blank">lxc-users@lists.linuxcontainers.org</a><br>
> <a href="http://lists.linuxcontainers.org/listinfo/lxc-users" target="_blank">http://lists.linuxcontainers.org/listinfo/lxc-users</a><br>
</span></p>
<br>_______________________________________________<br>
lxc-users mailing list<br>
<a href="mailto:lxc-users@lists.linuxcontainers.org">lxc-users@lists.linuxcontainers.org</a><br>
<a href="http://lists.linuxcontainers.org/listinfo/lxc-users" rel="noreferrer" target="_blank">http://lists.linuxcontainers.org/listinfo/lxc-users</a><br></blockquote></div><br></div>