[lxc-users] Am I missing something?

CDR venefax at gmail.com
Mon Sep 22 23:07:49 UTC 2014


You cannot have a macvlan bridge on an bridge interface, only on a real
ethernet device, like eth0, eth1, etc.
if you want to use a bridge, then use

lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.name= eth1
lxc.network.hwaddr = 00:de:f0:ca:d4:32
lxc.network.ipv4 = 0.0.0.0/24


On Mon, Sep 22, 2014 at 6:51 PM, Erik Haller <erik.haller at gmail.com> wrote:

> Here is my production configuration:
>
> lxc.network.type = macvlan
> lxc.network.macvlan.mode = bridge
> lxc.network.flags = up
> lxc.network.link = eth0
> lxc.network.ipv4 = 192.168.7.70/16
> lxc.network.ipv4.gateway = 192.168.7.1
> # ...# mounts point
>
> lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
> lxc.mount.entry = sysfs sys sysfs defaults  0 0
>
> # /lib/modules is needed for iptables/ufw
> lxc.mount.entry = /lib/modules /var/lib/lxc/lemon/rootfs/lib/modules none
> ro,bind 0 0
> # Nice to mount host home directories
> lxc.mount.entry = /home /var/lib/lxc/lemon/rootfs/home none rw,rbind 0 0
>
> # network interface name is limited to 16 chars
> lxc.hook.pre-start = /bin/sh -c "exec mount -n -o remount,rw
> /var/lib/lxc/lemon/rootfs"
> lxc.hook.pre-start = /bin/sh -c "ip link add link eth0 name lemon type
> macvlan mode bridge && ip link set lemon up"
> lxc.hook.pre-start = /bin/sh -c "ip route add 192.168.7.70 dev lemon ||
> true"
>
> lxc.hook.post-stop = /bin/sh -c "ip route del 192.168.7.70 || true"
> lxc.hook.post-stop = /bin/sh -c "ip link set lemon down && ip link del
> lemon"
> lxc.hook.post-stop = /bin/sh -c "exec mount -n -o remount,rw
> /var/lib/lxc/lemon/rootfs"
>
> Couple of notes:
>
>    1. This a Debian lxc 0.9.0-aplha3 system. Works fine with
>    lxc-stop|lxc-start. It's been in production ~ year.
>    2. Hostname: lemon, change hostname throughout.
>    3. Disable br0 bridge. Reboot. Try the above setup and get it running.
>    macvlan and older bridging may be incompatible in linux.
>    4. Change your lxc.network.link to eth0, do not use br0.
>    5. Don't enable ip_forward. I don't have it enabled.
>    6. Don't set the mac address. Remove lxc.network.hwaddr
>    7. Note: macvlan takes 10-30 seconds of pinging from a different host
>    after lxc-start. This is normal.
>
>
>
> On Mon, Sep 22, 2014 at 7:43 AM, Chris Kloiber <ckloiber at cedardoc.com>
> wrote:
>
>>  Trying to wrap my mind around the lxc networking. I need to configure
>> each container with it’s own static IP on the same subnet as the host. I
>> think that requires a “macvlan/bridge” setup like this:
>>
>>   lxc.network.type = macvlan
>>
>> lxc.network.macvlan.mode = bridge
>>
>> lxc.network.flags = up
>>
>> lxc.network.link = br0
>>
>> lxc.network.ipv4 = 10.0.0.11/24 10.0.0.255
>>
>> lxc.network.ipv4.gateway = 10.0.0.1
>>
>> lxc-network.name = eth0
>>
>> lxc.network.mtu = 1500
>> lxc.network.hwaddr= 00:16:3e:97:81:42
>>
>>  But this goes nowhere. The host does have a properly configured br0
>> device (this is an ol6 system, btw) and net.ipv4.ip_forward = 1 Is
>> enabled. The host iptables are disabled.
>>
>>  I’ve been beating my head against this for a week now. Please help, or
>> tell me what other information I can provide. Thank you.
>>
>>
>>>>
>> *Chris Kloiber*
>>
>> *CEDAR Document Technologies*
>>
>> One Ravinia Drive, Suite 200
>>
>> Atlanta, GA 30346
>>
>> 1(404)436-2470 (office)
>>
>> 1(678)512-9636 (cell)
>>
>>
>>
>> _______________________________________________
>> lxc-users mailing list
>> lxc-users at lists.linuxcontainers.org
>> http://lists.linuxcontainers.org/listinfo/lxc-users
>>
>
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20140922/24fe0039/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cedardoc.png
Type: image/png
Size: 10719 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20140922/24fe0039/attachment.png>


More information about the lxc-users mailing list