[Lxc-users] IPv4 container in a non-IPv4 main system ?
Fajar A. Nugraha
list at fajar.net
Wed Jun 13 07:00:26 UTC 2012
On Wed, Jun 13, 2012 at 1:22 PM, Sébastien Montagne
<sebastien.montagne at gmail.com> wrote:
> Interesting !
> ARP reply are seen on eth0 and br0, but not on vethDPuPYq.
If that's the case, I actually think the problem is in your setup. The
bridge is supposed to forward all ethernet packets to the port with
matching MAC address. If it doesn't, then it's either:
- a security configuration prevents it from doing so (i.e. iptables/ebtables)
- a bug
> I use Debian stable, on both host and guest.
I don't really like Debian :P
Don't get me wrong, Debian is stable, but it's also the problem in
this case: lxc is not exactly stable. And using debian stable with
it's 2.6.32 kernel means you're using an old kernel, with (probably)
known bugs w.r.t. lxc.
I suggest you try ubuntu precise (with its kernel 2.6.32). Possibly on
your workstation first (e.g. with virtualbox/kvm).
> Another information :
> I know some people succeeded to setup an LXC server with IPv6 host and
> containers with LXC on Debian... on the same provider (OVH) !
> (in french) http://www.fiat-tux.fr/fr/2012/05/ipv6-ready/
> The approach seems to be different as eth0 and br0 seem not beeing linked
> together... eth0 and br0 have different IPv6 addresses... It seems that they
> keep eth0 and br0 independant, and that br0 is linked to dummy0. Also they
> enable options (forwarding and proxy_ndp) in /etc/sysctl.conf.
> It sounds that I'm not (yet) good enough at networks to really understand
> all of that :)
>
> But my situation is slightly different because I would like one of the
> containers to have a working IPv4 address.
I actually think mac filtering might not be an issue in your setup, as
arp reply already reach br0. I tend to think it's a bug in your
kernel/bridge.
As a final effort, you might be able to just create separate bridges
with NAT, e.g:
- br0 connected to eth1, using public IPv4.
- br1 connected to the guest veth, using private IPv4
- setup static NAT (both SNAT and DNAT)
--
Fajar
More information about the lxc-users
mailing list