[Lxc-users] Forwarding packets from host to container
Nirmal Guhan
vavatutu at gmail.com
Wed Jan 12 01:35:18 UTC 2011
On Tue, Jan 11, 2011 at 5:34 PM, Nirmal Guhan <vavatutu at gmail.com> wrote:
> On Tue, Jan 11, 2011 at 5:25 PM, Nirmal Guhan <vavatutu at gmail.com> wrote:
>> Hi,
>>
>> How do I forward packets (ethernet frames included) from host to
>> container. I plan to run a packet capture program (tcpdump for
>> instance) within container that will capture the packets coming to
>> host eth1 interface. I tried both using bridge and iptables but they
>> do not seem to help.
>>
>> iptables -A FORWARD -i eth1 -o br1 -j ACCEPT and/or
>> iptables -A FORWARD -i eth1 -o vethZtPPol -j ACCEPT
>>
>> Instead of the above, I also tried adding host eth1 to br1 but still
>> tcpdump from container cannot see the packets sent to eth1 from
>> external world.
>>
>> I use fedora 12 for both host and container.
>>
>> xc.network.type = veth
>> lxc.network.link = br1
>> lxc.network.name = eth1
>> lxc.network.flags = up
>> lxc.network.mtu = 1500
>>
>> -Nirmal
>>
> An update :
> If I connect host eth1 to a bridge br2 and add
> lxc.network.type = veth
> lxc.network.link = br2
> lxc.network.name = eth2
> lxc.network.flags = up
> lxc.network.mtu = 1500
>
> I can then see packets coming "into" eth2 (basically echo reply from
> external machine) but not the ones "going out". Kindly help.
> -Nirmal
>
A typo : packets coming "into" eth1 of the host...
More information about the lxc-users
mailing list