[Lxc-users] Fwd: Container inside an ESX VM

Mauras Olivier oliver.mauras at gmail.com
Sat Apr 23 10:40:13 UTC 2011 

Hi Geordy,

Thanks for your reply. The first one is actually already set here. I asked
ESX folks to create me my own vswitch with promisc mode enabled.
I saw the second one coming, but didn't think that could make something...
There's also a setting like "mac.verify" that can be set to false directly
from the .vmx file to allow you to use another MAC than 00:50:56:xxxxxx for
your VM.
I'll try to force a high MAC in the 00:50:56 subset for my containers and
see what happens.


I'll let you know,

Olivier


On Sat, Apr 23, 2011 at 9:12 AM, Geordy Korte <gkorte at gmail.com> wrote:

> On Sun, Apr 17, 2011 at 8:39 AM, Geordy Korte <gkorte at gmail.com> wrote:
>
>> Thought about it some more and i think it might be an advanced esx feature
>> that restricts this. Basically a couple of adv features block spoofing and
>> mac changes on a vhost. I will try to find the specific command you need to
>> run on an esx host tomorrow, or maybee someone can google it. I am 100% sure
>> that it's not a bug in either esx or lxc and no modifications are needed on
>> the lxc side.
>>
>>
> Hi,
>
> Sorry for the delay, kids birthday and my new job has not left me with much
> time. Anyways I did some digging and founds some stuff that might help.
>
> The first one is in the properties of the vswitch that is interconnecting
> the lxc host to the network. Edit the properties and in the Security Tab
> make sure that promiscus mode, Mac changes and forged macs are set to
> accept. Basically the vswitch will allow all mac's coming from the lxc and
> not block them.
>
> The second tip is more of a maybee...  ESX 3.x basically would allow to you
> to change the mac of the Vhost to whatever you wanted. In ESX 4.0 Vmware
> rewrote the code and would allow you to specify a mac only if it was in the
> vmware OUI range. To make sure that ESX does not cut the communication try
> to set the macs of you LXC containers to: 00:50:56:XX:YY:ZZ
>
> I hope this helps a little.  Give it a shot and let me know how it works
> out.
>
> Geordy
>
>
> ------------------------------------------------------------------------------
> Fulfilling the Lean Software Promise
> Lean software platforms are now widely adopted and the benefits have been
> demonstrated beyond question. Learn why your peers are replacing JEE
> containers with lightweight application servers - and what you can gain
> from the move. http://p.sf.net/sfu/vmware-sfemails
> _______________________________________________
> Lxc-users mailing list
> Lxc-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20110423/d2f77829/attachment.html>

More information about the lxc-users mailing list