[Lxc-users] Network configuration
Dean Mao
deanmao at gmail.com
Wed Feb 2 20:07:24 UTC 2011
Yeah, it's quite easy to do this. Here's my lxc network config from one of
my machines:
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br1
lxc.network.ipv4 = 192.168.0.4/24
My outside network is eth0/br0, and my inside network is just br1. I add
these rules to forward br0 to br1:
iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE
iptables -A FORWARD -i br0 -o br1 -m state --state RELATED,ESTABLISHED -j
ACCEPT
iptables -A FORWARD -i br1 -o br0 -j ACCEPT
The br1 bridge connects all the lxc containers together on the same host,
eth0/br0 offers a connection to the outside world should one of the
containers require it.
On Wed, Feb 2, 2011 at 11:19 AM, Andre Nathan <andre at digirati.com.br> wrote:
> Hello
>
> My host is configured with two networks as below:
>
> eth0: external network a.b.c.d/24
> eth1: internal network 10.1.0.0/16
>
> I would like to configure my containers to belong to a third network
> (say, 10.2.0.0/16), and then set up two NAT rules (one for eth0 and one
> for eth1) to allow them to access the apropriate networks.
>
> Is this possible? On all example configurations I found, the containers
> always belong to a network that the host also belongs too, using
> bridges. Is this a requirement?
>
> Thanks
> Andre
>
>
>
>
> ------------------------------------------------------------------------------
> Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
> Finally, a world-class log management solution at an even better
> price-free!
> Download using promo code Free_Logger_4_Dev2Dev. Offer expires
> February 28th, so secure your free ArcSight Logger TODAY!
> http://p.sf.net/sfu/arcsight-sfd2d
> _______________________________________________
> Lxc-users mailing list
> Lxc-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20110202/7b160c8e/attachment.html>
More information about the lxc-users
mailing list