[Lxc-users] lxcbr0 MAC addr issue

Michael H. Warfield mhw at WittsEnd.com
Wed Jun 5 15:22:09 UTC 2013 

On Wed, 2013-06-05 at 06:23 +0000, Hans Feldt wrote:
> It is a fact that the bridge takes the lowest MAC address from the
> attached ports for the host port. See for example
> http://backreference.org/2010/07/28/linux-bridge-mac-addresses-and-dynamic-ports/

> Thus if a container is restarted, the host port can potentially change
> its MAC address and containers will have a stale ARP cache. This of
> course causes problem for communication container->host.

> Tested the workaround mentioned in the link but then I got problem
> with network manager on a later Ubuntu version. Then I tried using a
> dummy container and reusing its MAC addr for the host port. Works
> but...

> Now my question, could not lxc (at boot) setup a fixed MAC addr for
> the host port?

There's a gotcha in there.  You can not set an arbitrary MAC address on
a bridge.  It can only be the MAC address of an attached interface.  It
has to do with how packets are routed down in the kernel and determining
if a packet is to be handled locally on the bridge or not.  It also may
have some ties in to the spanning tree algorithm protocol logic (whether
you are using STP or have it enabled or not).  If you set it to a fixed
MAC address of a container, you can't stop or reboot that container
without losing that static assignment on the bridge.

A dummy container is one option, if you don't have a host hardware
interface connected to the bridge.  But you need one with a MAC address
lower than any of the others.  Another alternative is to use a dummy
interface...

modprobe dummy
brctl addif lxcbr0 dummy0

The dummy0 interface doesn't even need to be "up" or have an IP address
assigned to it.

Since the container host-local addresses will all be "private" (fe:...)
and the dummy0 interface will have something lower, you should be good
to go.

> Thanks,
> Hans

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20130605/d64869e9/attachment.pgp>

More information about the lxc-users mailing list