[Lxc-users] LXC and Tun/Tap ?
Joerg Gollnick
code4lxc+list at wurzelbenutzer.de
Thu Jul 21 08:04:04 UTC 2011
Hello all,
I'm using openvpn client in a container (lxc from git as 20110715) since a
"few" hours.
# Config from lxc.conf
# tun
lxc.cgroup.devices.allow = c 10:200 rwm
# In the container rootfs create directory net and device tun
DEV=${CONTAINER_ROOT}/dev
mkdir ${DEV}/net
mknod -m 666 c 10 200 ${DEV}/net/tun
On the host and in container I use shorewall as packet filter as I get a public
ip over tun interface. Please be aware of a upstream bug, when stopping the
container you may get a kernel oops
(http://bugzilla.netfilter.org/show_bug.cgi?id=726).
I got rid of it by loading "nfnetlink" before all other modules for shorewall
on the host. (May be it sufficient to be loaded before nf_conntrack_netlink)
Hope that helps a little bit.
Best regards Joerg
On Thursday 21 July 2011 08:59:04 Papp Tamas wrote:
> On 2011-07-21 08:54, Daniel Lezcano wrote:
> > On 07/13/2011 06:40 PM, Gordon Henderson wrote:
> >> ISTR that about a year ago tun/tap use inside an LXC container wasn't
> >> possible... Just wondering if things have changed?
> >
> > No nothing was done around that.
> >
> > As the thread is old, can you recall what you want to achieve with
> > tun/tap ?
> >
> > If you can describe with some details what you want with tun/tap, that
> > would be great.
> > I am familiar with tun/tap coding, so I can implement it if I can refer
> > to your description.
>
> I'm also interested in this:)
>
> I'd like to run ovpn server and client in containers.
>
>
> tamas
>
> ----------------------------------------------------------------------------
> -- 5 Ways to Improve & Secure Unified Communications
> Unified Communications promises greater efficiencies for business. UC can
> improve internal communications as well as offer faster, more efficient ways
> to interact with customers and streamline customer service. Learn more!
> http://www.accelacomm.com/jaw/sfnl/114/51426253/
> _______________________________________________
> Lxc-users mailing list
> Lxc-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-users
More information about the lxc-users
mailing list