[Lxc-users] Mixing public and private IPs for guests - network configuration?

Olivier Delloye odelloye at gmail.com
Sun May 22 18:19:52 UTC 2011 

And what about using the virtual Mac address service provided by OVH ?
Here is a brief description on how to configure your server :

1) IP failover and virtual Mac address
Let's consider your host public IP address is 91.123.123.123, and your
guests public IP failover addresses are 91.2.2.2 (GUEST1) and 91.3.3.3
(GUEST2).
>From your OVH Manager, assign a virtual Mac address to each of your IP
failover. Select the "VMware type" ("OVH type" should also work, but I
haven't yet tested).

Let's assume your virtual Mac addresses for each IP failover are :
GUEST1: 91.2.2.2 <---> 00:50:56:0a:2a:aa
GUEST2: 91.3.3.3 <---> 00:50:56:0b:3b:bb

2) Host network configuration
Then, set up your host network by editing the /etc/network/interfaces, and
replacing the eth0 by a br0 interface. Your file should look like this :

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

auto br0
iface br0 inet static
   address 91.123.123.123
   netmask 255.255.255.0
   gateway 91.123.123.254
   network 91.123.123.0
   broadcast 91.123.123.255
   bridge_ports eth0
   bridge_stp off
   bridge_maxwait 5
   bridge_fd 0

Don't forget to restart your network (/etc/init.d/networking restart).

3) Guest configuration file
Once your host network new configuration is up, edit the network part of
your guest's configuration file (/var/lib/lxc/GUEST/config) with the IP
failover and Mac adresses :
lxc.utsname = GUEST1
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.name = eth0
lxc.network.veth.pair = vethGUEST1
lxc.network.ipv4 = 91.2.2.2
lxc.network.hwaddr = 00:50:56:0a:2a:aa

And for GUEST2:
lxc.utsname = GUEST2
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.name = eth0
lxc.network.veth.pair = vethGUEST2
lxc.network.ipv4 = 91.3.3.3
lxc.network.hwaddr = 00:50:56:0b:3b:bb

4) Guest network configuration
Then, add eth0 interface to your guest's /etc/network/interfaces file. The
default gateway IP address should be the same as your host's one (for OVH
servers, just replace the last byte of your host IP address by 254
(91.123.123.254 in my example) :

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 91.2.2.2
    netmask 255.255.255.255
    broadcast 91.2.2.2
    post-up route add 91.123.123.254 dev eth0
    post-up route add default gw 91.123.123.254
    post-down route del 91.123.123.254 dev eth0
    post-down route del default gw 91.123.123.254

That's it :-)

Just be aware that with this set-up, all IP routing is performed by OVH
router, that is when the host discusses with guests, datas will first pass
through OVH network, and then go back to your server. If you feel this a
privacy/security problem, you can't use the above set-up, and have no other
choice but creating an internal private network between your host and your
guests (if you can read French, just have a look at my (ugly) draft web page
(www.delloye.org), where I describe how to configure it).

Regards,
Olivier
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20110522/455e48b8/attachment.html>

More information about the lxc-users mailing list