[Lxc-users] LXC and Tun/Tap ?
Papp Tamas
tompos at martos.bme.hu
Thu Jul 21 08:35:05 UTC 2011
On 2011-07-21 10:04, Joerg Gollnick wrote:
> Hello all,
> I'm using openvpn client in a container (lxc from git as 20110715) since a
> "few" hours.
>
> # Config from lxc.conf
> # tun
> lxc.cgroup.devices.allow = c 10:200 rwm
>
> # In the container rootfs create directory net and device tun
> DEV=${CONTAINER_ROOT}/dev
> mkdir ${DEV}/net
> mknod -m 666 c 10 200 ${DEV}/net/tun
>
> On the host and in container I use shorewall as packet filter as I get a public
> ip over tun interface. Please be aware of a upstream bug, when stopping the
> container you may get a kernel oops
> (http://bugzilla.netfilter.org/show_bug.cgi?id=726).
> I got rid of it by loading "nfnetlink" before all other modules for shorewall
> on the host. (May be it sufficient to be loaded before nf_conntrack_netlink)
>
> Hope that helps a little bit.
>
Thanks, I'll check.
tamas
More information about the lxc-users
mailing list