[lxc-users] macvlan with tagged vlan

e florian.engelmann at gmail.com
Sun Feb 2 09:14:55 UTC 2014 

Hi,

is it possible to use network type macvlan on tagged VLANs?

I tried it like this:

ubuntu host configuration:

auto lo
iface lo inet loopback

auto p3p3
iface p3p3 inet static
 address 192.168.222.11
 netmask 255.255.255.0
 gateway 192.168.222.1
 dns-nameservers 2xx.xxx.xxx.xxx 2xx.xxx.xxx.xxx
 dns-search example.com

auto em3
iface em3 inet manual

auto em1
iface em1 inet manual
 bond-master bond0

auto p3p1
iface p3p1 inet manual
 bond-master bond0

auto bond0
iface bond0 inet manual
 bond-slaves none
 bond-mode 4
 bond-miimon 100
 bond-updelay 200
 bond-downdelay 200
 bond-lacp-rate 1

auto em2
iface em2 inet manual
 bond-master bond1

auto p3p2
iface p3p2 inet manual
 bond-master bond1

auto bond1
iface bond1 inet manual
 bond-slaves none
 bond-mode 4
 bond-miimon 100
 bond-updelay 200
 bond-downdelay 200
 bond-lacp-rate 1

auto bond0.2065
iface bond0.2065 inet manual

auto bond0.2067
iface bond0.2067 inet manual

auto bond1.2066
iface bond1.2066 inet manual

auto bond1.2068
iface bond1.2068 inet manual


We have got two network trunk with four VLANs tagged on them. This is to
seperate production from testing environment and frontend from backend.
With macvlan is should be possible two have different containers on the
same iface device communicating with each oder (mode bridge). But it did
not work:

Container configuration:

lxc.network.type = macvlan
lxc.network.macvlan.mode = bridge
lxc.network.link = bond0.2065
lxc.network.flags = up
lxc.network.name = front
lxc.network.hwaddr = 00:16:3f:1c:59:20
lxc.network.type = macvlan
lxc.network.macvlan.mode = bridge
lxc.network.link = bond1.2066
lxc.network.flags = up
lxc.network.name = back
lxc.network.hwaddr = 00:16:3b:62:dd:76

Container interfaces:

auto lo
iface lo inet loopback

auto front
iface front inet static
        address 192.168.219.17
        netmask 255.255.255.0
        gateway 192.168.219.1
up route add -net 192.168.252.0/23 gw 192.168.219.254
up route add -net 212.71.112.120/29 gw 192.168.219.254
post-up ping -c3 192.168.219.254

auto back
iface back inet static
        address 10.168.219.17
        netmask 255.255.255.0


side question: the "post-up ping -c3 192.168.219.254" I used to work around
the fact that a fresh container was not "pingable" after it was started...
any other solution for that?


The container does start up without any problem but communication from
other hosts in those vlans is not possible and also from one container to
another it is not possible.

Should tagged VLANs work with macvlan?

veth did work fine but macvlan should be more secure and even faster?

Regards,
flo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20140202/9e9d982c/attachment.html>

More information about the lxc-users mailing list