[Lxc-users] LXC Container: Network Configuration

Patrick Kevin McCaffrey pkm at uwm.edu
Wed Nov 30 23:16:13 UTC 2011 

On Wed, Nov 30, 2011 at 12:16 AM, C Anthony Risinger <anthony at xtfx.me> wrote:

> i'm not a networking guru, but i've inlined a few comments.  i also
> don't use debian/ubuntu so i'm unsure the correct way to solve them
>
> ... my guess is you
> don't really want to enslave any physical devices to the bridge (br0).
>  simply allow the bridge to act as a virtual "switch" and let routing
> do the rest :-)

beh, i got a little long-winded and forgot the best part!  if this
guess is correct (you want your 4 existing networks/cards to remain as
is, and add LXC guests to the mix), try removing:

bridge_ports eth1

... from the `br0` config -- this alone might be enough to fix -- you
may still need to:

ip link set br0 up

... to force the bridge to an UP state.  `ifup br0` probably works
too.  but honestly, if you remove `bridge_ports`, i think everything
might Just Work.

-- 

C Anthony

____________________________________________________________________________

First off, thanks for all the help thus far.  I was unaware that you could create a bridge without attaching it to a physical interface - this is exactly what I'd like to do.  I removed the "bridge_ports" line from /etc/network/interfaces and rebooted.

br0 does not come up automatically, as I'd like it to, but after using brctl to add br0, and then ifconfig to bring it to an "up" state, I get much more promising results in each of the commands you listed:

____ip route____:

default via 174.102.192.1 dev eth4  metric 100 
169.254.0.0/16 dev eth4  scope link  metric 1000 
174.102.192.0/19 dev eth4  proto kernel  scope link  src 174.102.217.33 
192.168.10.0/24 dev eth0  proto kernel  scope link  src 192.168.10.1 
192.168.20.0/24 dev eth1  proto kernel  scope link  src 192.168.20.1 
192.168.30.0/24 dev eth2  proto kernel  scope link  src 192.168.30.1 
192.168.40.0/24 dev eth3  proto kernel  scope link  src 192.168.40.1 
192.168.80.0/24 dev br0  proto kernel  scope link  src 192.168.80.1 


___route n___:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         174.102.192.1   0.0.0.0         UG    100    0        0 eth4
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth4
174.102.192.0   0.0.0.0         255.255.224.0   U     0      0        0 eth4
192.168.10.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.20.0    0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.30.0    0.0.0.0         255.255.255.0   U     0      0        0 eth2
192.168.40.0    0.0.0.0         255.255.255.0   U     0      0        0 eth3
192.168.80.0    0.0.0.0         255.255.255.0   U     0      0        0 br0



___ip link___:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:04:23:09:6a:14 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:04:23:09:6a:15 brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:04:23:09:6a:16 brd ff:ff:ff:ff:ff:ff
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:04:23:09:6a:17 brd ff:ff:ff:ff:ff:ff
6: eth4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 576 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0f:1f:fa:51:33 brd ff:ff:ff:ff:ff:ff
7: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:13:f7:3b:2c:7c brd ff:ff:ff:ff:ff:ff
10: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP 
    link/ether 92:44:1c:32:07:06 brd ff:ff:ff:ff:ff:ff
12: vethTu1nnI: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP qlen 1000
    link/ether 92:44:1c:32:07:06 brd ff:ff:ff:ff:ff:ff


___ip addr___:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:04:23:09:6a:14 brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.1/24 brd 192.168.10.255 scope global eth0
    inet6 fe80::204:23ff:fe09:6a14/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:04:23:09:6a:15 brd ff:ff:ff:ff:ff:ff
    inet 192.168.20.1/24 brd 192.168.20.255 scope global eth1
    inet6 fe80::204:23ff:fe09:6a15/64 scope link 
       valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:04:23:09:6a:16 brd ff:ff:ff:ff:ff:ff
    inet 192.168.30.1/24 brd 192.168.30.255 scope global eth2
    inet6 fe80::204:23ff:fe09:6a16/64 scope link 
       valid_lft forever preferred_lft forever
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:04:23:09:6a:17 brd ff:ff:ff:ff:ff:ff
    inet 192.168.40.1/24 brd 192.168.40.255 scope global eth3
    inet6 fe80::204:23ff:fe09:6a17/64 scope link 
       valid_lft forever preferred_lft forever
6: eth4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 576 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0f:1f:fa:51:33 brd ff:ff:ff:ff:ff:ff
    inet 174.102.217.33/19 brd 255.255.255.255 scope global eth4
7: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:13:f7:3b:2c:7c brd ff:ff:ff:ff:ff:ff
10: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP 
    link/ether 92:44:1c:32:07:06 brd ff:ff:ff:ff:ff:ff
    inet 192.168.80.1/24 brd 192.168.80.255 scope global br0
    inet6 fe80::9044:1cff:fe32:706/64 scope link 
       valid_lft forever preferred_lft forever
12: vethTu1nnI: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP qlen 1000
    link/ether 92:44:1c:32:07:06 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::9044:1cff:fe32:706/64 scope link 
       valid_lft forever preferred_lft forever



However, I'm still unable to access the internet from within my container.  I can ping the container (192.168.80.2) from the host machine, and the host machine from the container. But, from the container, I can only reach the host machine at 192.168.80.1, which is odd, as anywhere else on the network (any of the subnets), I can access the main machine at 192.168.X0.1 (where X is 1, 2, 3, 4 _OR EVEN_ 8 --- which is the bridge subnet).

Again, thanks for the help.  Any other mailing list etiquette is appreciated as well (I'm more of a forum guy, but no forums seem too well versed in containers, which left me here.  I know this is more a networking issue at this point, but everyone that replies to this list seems  reasonably knowledgeable all around, not stricly LXC stuff).

Pat

More information about the lxc-users mailing list