[Lxc-users] Forwarding packets from host to container

Nirmal Guhan vavatutu at gmail.com
Wed Jan 12 01:34:46 UTC 2011


On Tue, Jan 11, 2011 at 5:25 PM, Nirmal Guhan <vavatutu at gmail.com> wrote:
> Hi,
>
> How do I forward packets (Ethernet frames included) from host to
> container? I plan to run a packet capture program (tcpdump for
> instance) within container that will capture the packets coming to
> host eth1 interface. I tried both using bridge and iptables but they
> do not seem to help.
>
> iptables -A FORWARD -i eth1 -o br1 -j ACCEPT  and/or
> iptables -A FORWARD -i eth1 -o vethZtPPol -j ACCEPT
>
> Instead of the above, I also tried adding host eth1 to br1 but still
> tcpdump from container cannot see the packets sent to eth1 from
> external world.
>
> I use Fedora 12 for both host and container.
>
> lxc.network.type = veth
> lxc.network.link = br1
> lxc.network.name = eth1
> lxc.network.flags = up
> lxc.network.mtu = 1500
>
> -Nirmal
>
An update:
If I connect host eth1 to a bridge br2 and add
lxc.network.type = veth
lxc.network.link = br2
lxc.network.name = eth2
lxc.network.flags = up
lxc.network.mtu = 1500

I can then see packets coming "into" eth2 (basically echo reply from
external machine) but not the ones "going out". Kindly help.
-Nirmal
