[lxc-users] venet like networking in LXC possible ?
Marc MAURICE
marc.maurice at objectif-libre.com
Thu May 22 09:02:02 UTC 2014
Hi,
thanks a lot for your answers.
> well ... nothing outside the server should even know about the
> container's MAC address. Because if the network setup is the same as
> mine, then the provider's router would route all traffic for the
> container thru main server's IP. In other words, the provider's router
> will ask for the server's IP, not the container's IP.
>
> Can you give real IP addresses? The easiest way to check, is that if
> your server's main IP and additional IP are on DIFFERENT subnets (e.g.
> 111.94.248.114/24 and 65.55.58.201/32), then it's routed setup. If
> it's on the SAME subnet, then you can't copy my setup, because the
> network config is different.
My IP addresses are clearly on 2 differents subnets.
The hardware host has a dedicated IP on a public /24 subnet :
62.210.82.XX/24
And the additionnal IP for the container :
212.129.10.XX/32
But I think you're right : this is different. The provider's router is
not routing directly with the hardware host IP.
>
>> How do I tell my host to respond to those arp queries ?
>
>
> Assuming that your setup is DIFFERENT from mine (that is, your server
> AND container IP are on the same subnet), you could probably try
> something like this. Note that you should make SURE you have console
> access (e.g. KVM, ILO) to your server incase something goes wrong
> before trying this.
>
> Asssuming:
> - the provider's router IP is 192.168.124.1/24
> - your server is connected to provider's router thru eth0, with ip
> address 192.168.124.179/24, MAC 00:16:3e:46:76:9e
> - your server is connected to the container thru br0 bridge
> - the container's IP is 192.168.124.180
>
> On the server:
> - remove IP address on the bridge: ifconfig br0 0.0.0.0 up
> - add container's IP information in arp table: arp -i eth0 -s
> 192.168.124.180 00:16:3e:46:76:9e pub
> - add route to the container via the bridge: ip route add
> 192.168.124.180 dev br0
>
> On the container: pretty much the same as the previous setup. Except
> now use the server's eth0 ip address as the gateway
> - ifconfig eth0 192.168.124.180/32 up
> - ip route add 192.168.124.179 dev eth0
> - ip route add default via 192.168.124.179
>
>
> If that works, then you can setup the appropriate config file (e.g
> /etc/network/interfaces) so the process would start automatically.
>
Yes !
The arp publishing command is the key ! It's working now !
I will take some time to clean up my config and give it back here.
However I think it would be nice to have it done automatically by LXC
start scripts.
Thanks a lot again.
Marc
More information about the lxc-users
mailing list