[lxc-devel] hwaddr tuning in templates

Guillaume ZITTA lxc at zitta.fr
Tue Dec 24 15:02:08 UTC 2013 

Le 24/12/2013 15:32, Stéphane Graber a écrit :
> On Tue, Dec 24, 2013 at 03:01:38PM +0100, Guillaume ZITTA wrote:
>> Hi,
>> 
>> I'm coding a new template (for gentoo).
>> 
>> I saw this kind of tweak in many templates :
>> 
>>     if [ "$nics" -eq 1 ] && ! grep -q "^lxc.network.hwaddr"
>> $path/config; then
>>         # see 
>> http://sourceforge.net/tracker/?func=detail&aid=3411497&group_id=163076&atid=826303
>>         hwaddr="fe:$(dd if=/dev/urandom bs=8 count=1 2>/dev/null |od
>> -t x8 | \
>>                       head -1 |awk '{print $2}' | cut -c1-10 |\
>>                       sed 's/\(..\)/\1:/g; s/.$//')"
>>         echo "lxc.network.hwaddr = $hwaddr" >> $path/config
>>     fi
>> 
>> The url no longer exists and I didn't catch the explaination in ML
>> archive.
>> 
>> Someone has a new pointer to the explaination?
>> Was it a workaround for a no longuer existing bug?
>> 
>> Regards,
>> 
>> Guillaume ZITTA
> 
> Yeah, I guess the bug report got lost in the migration to github.
> 
> So let me try to explain what's going on there and why we are doing
> this. Note that it's not really a bug has much as just having to cope
> with the way things work in the kernel.
> 
> We want all containers to have a static mac address for a simple 
> reason,
> it's no fun if your IP addresses change every time you boot it (as if
> not specified, a random one assigned by the kernel will be used).
> 
> On top of that, we can't just use any randomly generated mac address. 
> We
> need one that'll typically be higher than a regular MAC address. That's
> because of the way bridges work in Linux. A bridge has its own mac
> address and whenever that address changes trafic is cut for around 30s
> (STP delay and similar stuff). The Linux kernel always uses the lowest
> MAC address in the bridge for the bridge's own address, so we need to
> make sure our addresses tend to be higher than that.
> 
> Not all templates care about that though. In Ubuntu we provide a routed
> bridge so we don't have that concern and we instead choose to use the
> Xen MAC range which has the advantage of being properly registered
> specifically for use with VMs and containers.
> 
It's pretty clear, thanks a lot.

Templates do it only if there is one NIC. is it because doing it on 
multiNIC in bash is a pain in the a*s ?

Is there a plan for lxc to allocate this kind of "high static hwaddr" in 
pre-template config ?
If not, my proposal:
  I set an incomplete (prefix) lxc.network.hwaddr in default conf.
  lxc-create complete it randomly and write it to the container's config.

Does it make sense?

I do not/can't code in C, but perhaps I should try  ...

Guillaume ZITTA

More information about the lxc-devel mailing list