[Lxc-users] No external network access to/from container

Scott Friedheim (sfriedhe) sfriedhe at cisco.com
Fri Jun 7 03:47:27 UTC 2013 

Goal:: I want to have my containers assigned an externally accessible static IP address.  I want the host to also have a static IP on the same subnet as the containers.

Result (so far):: Can only ping containers from host and vice-versa; I cannot ping external to the host from container and cannot ping the static IP assigned to the containers from external to the host.

Question for the group::  What am I missing?
This seems to be a common scenario I've seen covered by many web sites but it just doesn't seem to work on the two systems I've tried this on (Ubuntu 13.04 with lxc-ubuntu template & MV CGE with custom rootfs).

My Setup::
HOST - assigned 172.27.62.121/25, 172.27.62.1 (gw)
___________________________________________
brctl addbr br0
ifconfig br0 172.27.62.121 netmask 255.255.255.128 promisc up
brctl setfd br0 0
brctl addif br0 eth0
ifconfig eth0 0.0.0.0 up
route add default gw 172.27.62.1 br0
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/conf/all/proxy_arp

iptables has no rules in standard tables as well as nat table.

bash-3.2# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.27.62.0     0.0.0.0         255.255.255.128 U     0      0        0 br0
0.0.0.0         172.27.62.1     0.0.0.0         UG    0      0        0 br0


GUEST - assigned 172.27.62.122/25, 172.27.62.121 (gw)
___________________________________________
--| lxc.conf (network portion) |--
lxc.network.type = veth
lxc.network.link = br0
lxc.network.flags = up
lxc.network.ipv4 = 172.27.62.122/25
lxc.network.name = eth0

--| etc/network/interfaces |--
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 172.27.62.122
netmask 255.255.255.128
gateway 172.27.62.121

route add default gw 172.27.62.121 eth0


Thanks for taking reading up to this point!!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20130607/5e689a2b/attachment.html>

More information about the lxc-users mailing list