[Lxc-users] lxc networking using nat
Serge E. Hallyn
serue at us.ibm.com
Mon Apr 5 17:52:05 UTC 2010
Hi Daniel,

lxc at the moment (AFAICS) won't work for me on my laptop
bc of bridges and macvlan not working with wireless
devices. (I have explicitly heard that bridging won't
work with wireless, but I hadn't heard that about macvlan -
but quick tests with modifying lxc-macvlan.conf did not
succeed).

However, I can manually create a networked container using
veth devices and iptables:

on HOST:

    ip link add type veth
    ifconfig veth0 192.168.1.1 up
    ifconfig veth1 192.168.1.2 up
    route add -host 192.168.1.2 dev veth0

on VM:

    ns_exec -cmpiun /bin/bash
    hostname vm1
    mount --make-rslave /
    mount -t tmpfs tmp /tmp
    ifconfig veth1 192.168.1.2 up
    route add -net default gw 192.168.1.1
    mount --bind /etc/resolv.conf.vm1 /etc/resolv.conf

back on HOST:

    ip link set veth1 netns 11741
    echo 1 > /proc/sys/net/ipv4/ip_forward
    iptables --table nat --append POSTROUTING --out-interface wlan0 -j MASQUERADE
    iptables --append FORWARD --in-interface veth0 -j ACCEPT

Any idea of the best way to implement this in lxc? Just add some
code into setup_netdev() to recognize and handle a 'use_nat' option?
Sure would be nice to be able to simply use lxc on my laptop :)

thanks,
-serge
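
Added example, not part of the original mail or of lxc: a dry-run shell helper that prints the host-side commands from the steps above, with the MASQUERADE and FORWARD rules narrowed to the container's address and return traffic limited to established connections. The function names, the /32 addressing and the input checks are assumptions of this example; the interface names, addresses and PID are the ones in the mail.

```shell
#!/bin/sh
# Added example: prints (does not execute) the host-side veth + NAT commands.
# Inputs are validated so the printed plan is safe to review and run as root.

valid_ipv4() {
    # Dotted quad only, each octet 0-255.
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

valid_ifname() {
    # Conservative subset of Linux interface names, at most 15 characters.
    case "$1" in
        ""|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# nat_plan HOST_IF CT_IF HOST_IP CT_IP UPLINK CT_PID  (hypothetical helper)
nat_plan() {
    host_if=$1 ct_if=$2 host_ip=$3 ct_ip=$4 uplink=$5 ct_pid=$6
    valid_ifname "$host_if" && valid_ifname "$ct_if" && valid_ifname "$uplink" || return 2
    valid_ipv4 "$host_ip" && valid_ipv4 "$ct_ip" || return 2
    case "$ct_pid" in ""|*[!0-9]*) return 2 ;; esac
    cat <<EOF
ip link add $host_if type veth peer name $ct_if
ip link set $ct_if netns $ct_pid
ip addr add $host_ip/32 dev $host_if
ip link set $host_if up
ip route add $ct_ip/32 dev $host_if
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -s $ct_ip -o $uplink -j MASQUERADE
iptables -A FORWARD -i $host_if -s $ct_ip -o $uplink -j ACCEPT
iptables -A FORWARD -i $uplink -o $host_if -d $ct_ip -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Values taken from the mail above; 11741 is the PID used there.
nat_plan veth0 veth1 192.168.1.1 192.168.1.2 wlan0 11741
```

The container side (address on veth1, default route via 192.168.1.1) is unchanged from the steps in the mail and is not generated here.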