[lxc-users] macvlan-based networking for unprivileged containers

Fajar A. Nugraha list at fajar.net
Thu Feb 12 11:18:52 UTC 2015


On Thu, Feb 12, 2015 at 5:29 PM, Purcareata Bogdan <b43198 at freescale.com> wrote:
> On 10.02.2015 19:22, Christian Brauner wrote:
>>
>> Hello,
>>
>> is it currently possible to use macvlan interfaces with unprivileged
>> containers?
>
>
> +1 I noticed too that it wasn't possible. This might a limitation of the
> user namespace itself, since the lower device you're attaching to is still
> in the host / root namespace, and you don't have access to that as a normal
> user.

What I often ask, is WHY?

Yes, macvlan does not work for unpriv containers. However veth works
just fine. And you don't have to put your public link (e.g. eth0) on
bridge mode to have a working container with veth network.

-- 
Fajar


More information about the lxc-users mailing list