[lxc-users] veth networking and bridges in namespaces

[Serge Hallyn]

Quoting Michael Drüing (michael at drueing.de):
> Hi,
> 
> I’m trying to use lxc to simulate networks with dynamips. To do that I create one bridge device for each network I want to simulate, and I have a template which sets up a dynamips container and connects it to these bridge devices
> 
> However, when creating dozens of router instances and networks (bridges), my root namespace quickly fills up with Ethernet interfaces and the bridge devices themselves. So I was thinking about moving each bridge device (i.e. each simulated network) into its own network namespace. However there is a problem:
> 
> * Once a bridge has been created, it cannot be moved to a different namespace ("ip link set" only returns "invalid argument")
> * If I create the bridge in the desired network namespace, the lxc framework (of course) cannot find it anymore
> * I cannot run lxc-start inside the bridge's network namespace because there's normally 2 or more bridges to which the router needs its interfaces connected to
> 
> I'd really like to avoid doing "lxc.network.type=empty" and setting everything up by hand. Is there (right now) any way to make this scenario work? The best thing would be another option, e.g. "lxc.network.link_netns" or something, which can be set to the name of the network namespace that contains the bridge. Could such an option be implemented?

I don't know what dynamips is, but would you be able to pass the devices
that you want to bridge into the container, then have the container create
the bridge and bridge the device?

-serge