[lxc-users] unprivileged containers with PHYS network type and vlan interfaces on host.
Shidan
shidan at gmail.com
Sun Jun 8 22:06:37 UTC 2014
Thanks for the help Stéphane and Serge.
I've set it up so that the host device is a bridge br0, I then assigned
those IP addresses which were previously aliases on eth0 to the containers
(configured with same gateway as the host) and connected them to the br0
bridge.
The network works fine internally, I can SSH into the host from the
containers and vice versa.
However, I can't access from or to anything external, I think this is
because the mac addresses of the containers are different than the mac
address of the host and the gateway won't allow this. How can I make it so
that it will use the hosts mac address with the outside world.
On Thu, Jun 5, 2014 at 2:32 PM, Stéphane Graber <stgraber at ubuntu.com> wrote:
> On Thu, Jun 05, 2014 at 05:35:10PM +0000, Serge Hallyn wrote:
> > Quoting Shidan (shidan at gmail.com):
> > > Hello, on my host I have 4 VLAN interfaces on eth0
> > > (eth0:1, eth0:2, eth0:3, eth0:4) and each one has its own assigned
> public
> > > IP address.
>
> Also note that eth0:1 isn't a vlan interface, it's simply an extra
> address added to eth0 with an alias value of "eth0:1". So even if we did
> have the phys or vlan interface types working with unprivileged
> containers, they still wouldn't work with interface aliases.
>
> In your case, I think you either want to put eth0 itself into a bridge
> accessible to your containers or maybe do something with the macvlan
> driver instead (though that latter won't work with unprivileged
> containers).
>
> > >
> > > I want to create 4 unprivileged containers and assign a unique VLAN
> > > interface to each, similar (I think) to a PHYS network type. How
> should I
> > > go about doing this?
> >
> > Currently that's not possible, only veth is supported in unprivileged
> > containers. What you can do is bridge each link and connect the
> > unpriv container veths to those bridges
> > _______________________________________________
> > lxc-users mailing list
> > lxc-users at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-users
>
> --
> Stéphane Graber
> Ubuntu developer
> http://www.ubuntu.com
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20140608/86ed6c0a/attachment.html>
More information about the lxc-users
mailing list