<div dir="ltr"><div dir="auto">I use L2<span class="gmail_default" style="font-size:small">. Can somebody clarify what advantage/disadvantage is there for L2,L3,L3S?</span></div><div><span class="gmail_default" style="font-size:small">I need also to be able to use DHCP inside the container. In a first boot I get an IP from DHCP, and set the interface down and turn that IP into static.</span></div><div><span class="gmail_default" style="font-size:small">Any way, ipvlan should work as simply as the other network options.</span></div><div><span class="gmail_default" style="font-size:small">Another question for the networking gurus, how do you represent this configuration with netplan?</span></div><div><span class="gmail_default" style="font-size:small">-------------------</span></div><div><span class="gmail_default" style="font-size:small">auto lo eth0 eth1<br>iface lo inet loopback<br>allow-hotplug eth0 eth1<br>iface eth0 inet dhcp<br>iface eth1 inet static<br> address X.XX.X.215</span></div><div><span class="gmail_default" style="font-size:small"> netmask 255.255.255.0<br> mtu 1500<br> post-up echo "Setting up $IFACE"<br> post-up ip route replace default via
X.XX.X
.1 dev $IFACE<br> post-up ip rule add from
X.XX.X.215 table $IFACE<br> post-up ip route replace default via
X.XX.X
.1 dev $IFACE table $IFACE</span></div><div><span class="gmail_default" style="font-size:small"> post-up ip rule add iif $IFACE table $IFACE<br> post-up ip route replace default via 192.168.88.1 dev eth0<br> post-up ip route show table $IFACE<br></span></div><div><span class="gmail_default" style="font-size:small"></span></div><div><span class="gmail_default" style="font-size:small">given</span></div><div><span class="gmail_default" style="font-size:small">/etc/iproute2/rt_tables</span></div><div><span class="gmail_default" style="font-size:small">1 eth0<br>2 eth1<br></span></div><div><span class="gmail_default" style="font-size:small"><br></span></div><div><span class="gmail_default" style="font-size:small">The purpose is to send to eth1 only packets going
X.XX.X.0, which is a public IPs network, and anything else via eth0 192.168.88.1.</span></div><div><span class="gmail_default" style="font-size:small">I tried to figure this scheme out with Netplan and I cannot see the light.</span></div><div><span class="gmail_default" style="font-size:small"><br></span></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Mar 25, 2020, 5:31 AM Fajar A. Nugraha <<a href="mailto:list@fajar.net" target="_blank">list@fajar.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On Tue, Mar 24, 2020 at 6:22 PM Saint Michael <<a href="mailto:venefax@gmail.com" rel="noreferrer" target="_blank">venefax@gmail.com</a>> wrote:<br>
><br>
> That scheme in my case would not work. I have two interfaces inside the container, and each one talks to a different network, for business reasons. I use policy-based-routing to make sure that packets go to the right places. I need that the container can hold a full configuration. In my case, I use ifupdown, not netplan, since my containers are for an older version of Debian.<br>
> It is "not right" that ipvlan does not work out-of-the-box like macvlan or veth. Somebody has to fix it. I cannot use macvlan because Vmware only allows multiple macs if the entire network is set in promiscuous mode, and that kills performance. So basically the only workaround is ipvlan. As I said, if you use type=phys and ipvlan inside the host, it works fine, without altering the container.<br>
<br>
<br>
Apparently this also works, as long as you have the same ip in<br>
container config and inside the container<br>
<br>
Container config:<br>
# Network configuration<br>
<a href="http://lxc.net.0.name" rel="noreferrer noreferrer" target="_blank">lxc.net.0.name</a> = eth0<br>
lxc.net.0.type = ipvlan<br>
lxc.net.0.ipvlan.mode = l3s<br>
lxc.net.0.l2proxy = 1<br>
lxc.net.0.link = eth0<br>
lxc.net.0.ipv4.address = 10.0.3.222<br>
<br>
inside the container -> normal networking config (e.g. /etc/netplan/10-lxc.yaml)<br>
network:<br>
version: 2<br>
ethernets:<br>
eth0:<br>
dhcp4: no<br>
addresses: [<a href="http://10.0.3.222/24" rel="noreferrer noreferrer" target="_blank">10.0.3.222/24</a>]<br>
gateway4: 10.0.3.1<br>
nameservers:<br>
addresses: [10.0.3.1]<br>
<br>
-- <br>
Fajar<br>
_______________________________________________<br>
lxc-users mailing list<br>
<a href="mailto:lxc-users@lists.linuxcontainers.org" rel="noreferrer" target="_blank">lxc-users@lists.linuxcontainers.org</a><br>
<a href="http://lists.linuxcontainers.org/listinfo/lxc-users" rel="noreferrer noreferrer" target="_blank">http://lists.linuxcontainers.org/listinfo/lxc-users</a><br>
</blockquote></div>