[lxc-users] Macvlan
Fajar A. Nugraha
list at fajar.net
Tue Jun 2 13:26:06 UTC 2015
On Mon, Jun 1, 2015 at 8:10 PM, Dave Smith <dave.smith at candata.com> wrote:
> I never
> could fine anything on a bridgeless veth setup and I would be curious to
> read about this. If someone could point me to the link that would be great.
https://lists.linuxcontainers.org/pipermail/lxc-users/2015-February/008553.html
Read from "Assuming". The example is tested on ubuntu, but you should
be able to find equivalent settings on centos.
Basically instead of putting the veths on a bridge and using using the
bridge's IP as gateway, you put an IP address on the host side of veth
pair without using any bridge.
Pros:
- container can only use a specific IP, as assigned by "pointopoint"
in the example
- no need to manually add specific route for the container IP on the
host, as it is already created using "pointopoint" setup
- force the use of persistent veth pair name on the host, useful when
you also monitor container traffic
Cons:
- slightly more complicated setup compared to normal bridging
Proxyarp part is mandatory if you're using that setup to replace plain
eth0 bridging. You don't need it on your setup, but it wouldn't do
harm leaving it enabled.
--
Fajar
More information about the lxc-users
mailing list