[Lxc-users] lxcbr0 MAC addr issue

Wed Jun 5 21:24:03 UTC 2013

Quoting Michael H. Warfield (mhw at WittsEnd.com):
> On Wed, 2013-06-05 at 11:26 -0500, Serge Hallyn wrote: 
> > Quoting Michael H. Warfield (mhw at WittsEnd.com):
> > > Crap...  Bumped the keyboard and this one got away from me prematurely.
> > > 
> > > On Wed, 2013-06-05 at 11:23 -0400, Michael H. Warfield wrote: 
> > > > On Wed, 2013-06-05 at 15:17 +0000, Jäkel, Guido wrote: 
> > > > > >yes and it does this.  The point is that lxcbr0 is not tied to any
> > > > > >physical nic.  So the first container you start, however high the
> > > > > >macaddr is, lxcbr0 takes its mac.  If the next container gets a
> > > > > >lower macaddr, lxcbr0's macaddr drops.
> > > 
> > > > > This lxcbr0 is special to Ubuntu, right? And if not to a physical
> > > > NIC, to what is this bridge connected to on the host?
> > > 
> > > > Not to the best of my knowledge.  It should be a simple bridge.
> > > 
> > > > What do you get for this command?
> > > 
> > > > brctl show
> > > 
> > > > A bridge doesn 
> > > 
> > > A bridge doesn't have to be attach to a device.  A bridge is its own
> > > logical entity in the kernel to which you may attach devices.  You can
> > > not "attach a bridge" to something else.  You can only attach something
> > > else "to the bridge".  There's a difference.
> > > 
> > > In the case of a NATing configuration, you set up a bridge (name it
> > > whatever you want) and attach the containers to it.  Then you use the
> > > NAT modules to route between the bridge and the external interface while
> > > NATing the addresses.  I use "lxcbr0" on my Fedora hosts.  It's just a
> > > bridge.
> > > 
> > > I could see where Ubuntu might have some preconfigured setups for this
> > > purpose where I have to set them up by hand in Fedora.  That's just a
> > > matter of the distro specific support scripts.
> > 
> > Right.  And we *could* attach a dummy device with mac starting with
> > something lower.
> 
> > BUT I just did some testing, and even as I watch lxcbr0's addr go down
> > when starting a new container, my ssh to the container which had the
> > higher macaddr doesn't hiccough.
> 
> Hmmm...  It would be interesting to see what you get from "arp -a" on

Uh, well - with one container started, I get

? (10.0.3.182) at 00:16:3e:1a:33:6c [ether] on lxcbr0
static.65.5.9.176.clients.your-server.de (176.9.5.65) at 00:26:88:76:1c:05 [ether] on eth0

Note that lxcbr0 and the container's veth are HWaddr fe:ab:34:b2:2f:cc.
So I guess the reason it doesn't matter is that lxcbr0 is not an
endpoint for anything.  The endpoint is always the other veth endpoint.

> the host and the container before and after that.  It would also be
> interesting to see what happens if you ssh to a container with the
> higher address first and then bring up a container with a lower mac
> address and see if it impacts the existing connection.

(I did both.)

-serge