[Lxc-users] native (non-NAT) routing?

John Soros johnny at r0x0r.me
Tue Apr 5 15:07:56 UTC 2011


Hi Ulli,
I have managed to set up routed networking with lxc, it isn't very
different from xen or qemu. I've created a webpage explaining how I did
it: http://j.9souldier.org/trunk/lxc/
Comments are welcome.
John

ps. I think your setup is wrong in that you need to route through the
host and not your router, the host will take care of routing through
the routes that are relevant (i.e. communication between guests
don't need to go through the router).

--
Current excuse: network down, IP packets delivered via UPS


On Mon, 4 Apr 2011 19:35:09 +0200
Ulli Horlacher <framstag at rus.uni-stuttgart.de> wrote:

> 
> My first Ubuntu 10.04 container is up and running on a Ubuntu 10.04
> host, but the container can only connect to the host (and vice
> versa), but not to the world outside.
> 
> I saw a lot of configurations for NAT, but I want native routing for
> my containers. 
> 
> 
> 
> My setup is:
> 
> host      zoo 129.69.1.39
> container LXC 129.69.1.219
> router        129.69.1.254
> 
> In LXC.conf is:
> 
> lxc.utsname = LXC
> lxc.network.type = veth
> lxc.network.link = br0
> lxc.network.flags = up
> lxc.network.name = eth0
> lxc.network.mtu = 1500
> lxc.network.ipv4 = 129.69.1.219/24
> 
> 
> root at LXC:~# route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref
> Use Iface 129.69.1.0      0.0.0.0         255.255.255.0   U
> 0      0        0 eth0 0.0.0.0         129.69.1.254
> 0.0.0.0         UG    0      0        0 eth0
> 
> root at LXC:~# ping -c 1 129.69.1.39
> PING 129.69.1.39 (129.69.1.39) 56(84) bytes of data.
> 64 bytes from 129.69.1.39: icmp_seq=1 ttl=64 time=11.5 ms
> 
> --- 129.69.1.39 ping statistics ---
> 1 packets transmitted, 1 received, 0% packet loss, time 0ms
> rtt min/avg/max/mdev = 11.547/11.547/11.547/0.000 ms
> 
> root at LXC:~# ping -c 1 129.69.1.254
> PING 129.69.1.254 (129.69.1.254) 56(84) bytes of data.
> >From 129.69.1.219 icmp_seq=1 Destination Host Unreachable
> 
> --- 129.69.1.254 ping statistics ---
> 1 packets transmitted, 0 received, +1 errors, 100% packet loss, time
> 0ms
> 
> 
> 
> root at zoo:~# route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref
> Use Iface 129.69.1.0      0.0.0.0         255.255.255.0   U
> 0      0        0 br0 0.0.0.0         129.69.1.254    0.0.0.0
> UG    100    0        0 br0
> 
> root at zoo:~# ping -c 1 129.69.1.219
> PING 129.69.1.219 (129.69.1.219) 56(84) bytes of data.
> 64 bytes from 129.69.1.219: icmp_seq=1 ttl=64 time=0.058 ms
> 
> --- 129.69.1.219 ping statistics ---
> 1 packets transmitted, 1 received, 0% packet loss, time 0ms
> rtt min/avg/max/mdev = 0.058/0.058/0.058/0.000 ms
> 
> root at zoo:~# ping -c 1 129.69.1.254
> PING 129.69.1.254 (129.69.1.254) 56(84) bytes of data.
> 64 bytes from 129.69.1.254: icmp_seq=1 ttl=255 time=0.509 ms
> 
> --- 129.69.1.254 ping statistics ---
> 1 packets transmitted, 1 received, 0% packet loss, time 0ms
> rtt min/avg/max/mdev = 0.509/0.509/0.509/0.000 ms
> 
> root at zoo:~# iptables -n -L
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> 
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> 
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
> 
> root at zoo:~# sysctl -a | grep forward
> net.ipv4.conf.all.forwarding = 1
> net.ipv4.conf.all.mc_forwarding = 0
> net.ipv4.conf.default.forwarding = 1
> net.ipv4.conf.default.mc_forwarding = 0
> net.ipv4.conf.lo.forwarding = 1
> net.ipv4.conf.lo.mc_forwarding = 0
> net.ipv4.conf.eth0.forwarding = 1
> net.ipv4.conf.eth0.mc_forwarding = 0
> net.ipv4.conf.br0.forwarding = 1
> net.ipv4.conf.br0.mc_forwarding = 0
> net.ipv4.conf.virbr0.forwarding = 1
> net.ipv4.conf.virbr0.mc_forwarding = 0
> net.ipv4.conf.vethMx2A0v.forwarding = 1
> net.ipv4.conf.vethMx2A0v.mc_forwarding = 0
> net.ipv4.ip_forward = 1
> 
> Any debugging hints?
> 





More information about the lxc-users mailing list