[Lxc-users] local routing

Daniel Lezcano daniel.lezcano at free.fr
Mon May 9 20:52:38 UTC 2011 

On 05/09/2011 03:10 PM, Ulli Horlacher wrote:
>
> I have a lxc host (zoo 129.69.1.68) with a container (vmtest8 129.69.8.6).
>
> I want all host/container communication to be internal without network
> traffic going via external router.

Maybe I misunderstood but why don't you setup a bridge for the container 
only without attaching the physical interface and making sure 
/proc/sys/net/ipv4/ip_forward is not set ?

> I know I can setup host routes like:
>
> root at vms2:# route add -host 129.69.8.6 gw 129.69.1.68
>
> root at vms2:# route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 129.69.8.6      129.69.1.68     255.255.255.255 UGH   0      0        0 br0
> 129.69.1.0      0.0.0.0         255.255.255.0   U     0      0        0 br0
> 0.0.0.0         129.69.1.254    0.0.0.0         UG    100    0        0 br0
>
> root at vms2:# lxc -c vmtest8
>
> Type<Ctrl+a q>  to exit the console
>
> root at vmtest8:~# route add -host 129.69.1.68 gw 129.69.8.6
>
> root at vmtest8:~# route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 129.69.1.68     129.69.8.6      255.255.255.255 UGH   0      0        0 eth0
> 129.69.8.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
> 0.0.0.0         129.69.8.254    0.0.0.0         UG    0      0        0 eth0
>
>
> root at vms2:# ping 129.69.8.6
> PING 129.69.8.6 (129.69.8.6) 56(84) bytes of data.
> 64 bytes from 129.69.8.6: icmp_seq=1 ttl=64 time=9.54 ms
> 64 bytes from 129.69.8.6: icmp_seq=2 ttl=64 time=0.015 ms
> 64 bytes from 129.69.8.6: icmp_seq=3 ttl=64 time=0.014 ms
> 64 bytes from 129.69.8.6: icmp_seq=4 ttl=64 time=0.013 ms
> 64 bytes from 129.69.8.6: icmp_seq=5 ttl=64 time=0.015 ms
> 64 bytes from 129.69.8.6: icmp_seq=6 ttl=64 time=0.013 ms
> ^C
> --- 129.69.8.6 ping statistics ---
> 6 packets transmitted, 6 received, 0% packet loss, time 4998ms
> rtt min/avg/max/mdev = 0.013/1.602/9.547/3.553 ms
>
> But I do not want to set up such host routes manually, they should be
> created some kind of automatic.
>
> With only 1 host/container pair it is not much trouble. But later I want
> to have a dozen containers and they all should use internal routing.
>
> Modifying the host and each container VM routing table manually is nasty.
>
>

More information about the lxc-users mailing list