[lxc-devel] hwaddr tuning in templates

Serge Hallyn serge.hallyn at ubuntu.com
Tue Dec 24 15:52:00 UTC 2013 

Quoting Guillaume ZITTA (lxc at zitta.fr):
> Le 24/12/2013 15:32, Stéphane Graber a écrit :
> >On Tue, Dec 24, 2013 at 03:01:38PM +0100, Guillaume ZITTA wrote:
> >>Hi,
> >>
> >>I'm coding a new template (for gentoo).
> >>
> >>I saw this kind of tweak in many templates :
> >>
> >>    if [ "$nics" -eq 1 ] && ! grep -q "^lxc.network.hwaddr"
> >>$path/config; then
> >>        # see http://sourceforge.net/tracker/?func=detail&aid=3411497&group_id=163076&atid=826303
> >>        hwaddr="fe:$(dd if=/dev/urandom bs=8 count=1 2>/dev/null |od
> >>-t x8 | \
> >>                      head -1 |awk '{print $2}' | cut -c1-10 |\
> >>                      sed 's/\(..\)/\1:/g; s/.$//')"
> >>        echo "lxc.network.hwaddr = $hwaddr" >> $path/config
> >>    fi
> >>
> >>The url no longer exists and I didn't catch the explaination in ML
> >>archive.
> >>
> >>Someone has a new pointer to the explaination?
> >>Was it a workaround for a no longuer existing bug?
> >>
> >>Regards,
> >>
> >>Guillaume ZITTA
> >
> >Yeah, I guess the bug report got lost in the migration to github.
> >
> >So let me try to explain what's going on there and why we are doing
> >this. Note that it's not really a bug has much as just having to cope
> >with the way things work in the kernel.
> >
> >We want all containers to have a static mac address for a simple
> >reason,
> >it's no fun if your IP addresses change every time you boot it (as if
> >not specified, a random one assigned by the kernel will be used).
> >
> >On top of that, we can't just use any randomly generated mac
> >address. We
> >need one that'll typically be higher than a regular MAC address. That's
> >because of the way bridges work in Linux. A bridge has its own mac
> >address and whenever that address changes trafic is cut for around 30s
> >(STP delay and similar stuff). The Linux kernel always uses the lowest
> >MAC address in the bridge for the bridge's own address, so we need to
> >make sure our addresses tend to be higher than that.
> >
> >Not all templates care about that though. In Ubuntu we provide a routed
> >bridge so we don't have that concern and we instead choose to use the
> >Xen MAC range which has the advantage of being properly registered
> >specifically for use with VMs and containers.
> >
> It's pretty clear, thanks a lot.
> 
> Templates do it only if there is one NIC. is it because doing it on
> multiNIC in bash is a pain in the a*s ?
> 
> Is there a plan for lxc to allocate this kind of "high static
> hwaddr" in pre-template config ?
> If not, my proposal:
>  I set an incomplete (prefix) lxc.network.hwaddr in default conf.
>  lxc-create complete it randomly and write it to the container's config.
> 
> Does it make sense?

I think so.  Just 'xx' in place of real numbers?

> I do not/can't code in C, but perhaps I should try  ...
> 
> Guillaume ZITTA
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel

More information about the lxc-devel mailing list