[lxc-users] LXD networking between guest, host, and KVM guest

Sean McNamara smcnam at gmail.com
Thu Oct 8 18:26:17 UTC 2015 

I found the solution... I just needed to add static routes that set
the /27 as the "next hop" _instead of_ going through the gateway. The
gateway doesn't seem to want to route traffic between VMs on my box.
Can't say I blame it; that's unnecessary load on the hosting
provider's equipment. Instead, I'm simply taking advantage of the
layer 2 bridge that brings my host and all the guests and VMs
together, by telling the routing table that it's OK to directly hit
that IP as the next hop.

Appreciate the help. It got me looking for the right things and
eventually found the answer.


Sean



On Thu, Oct 8, 2015 at 3:27 AM, Fajar A. Nugraha <list at fajar.net> wrote:
> On Thu, Oct 8, 2015 at 4:47 AM, Sean McNamara <smcnam at gmail.com> wrote:
>> Here's an example from LXD config, where the following placeholders
>> are used to mask my specific information:
>>
>
>> "1.2.3.4"
>> "5.6.7.255"
>> "DEFAULT_GATEWAY">
>> "de:ad:be:ef"
>> "MAIN"
>
> all those obfuscation makes my head hurt.
>
>>   raw.lxc: "lxc.network.ipv4=1.2.3.4/32
>> 5.6.7.255\nlxc.network.ipv4.gateway=DEFAULT_GATEWAY\nlxc.network.hwaddr=de:ad:be:ef\nlxc.network.flags=up
>>     \      \nlxc.network.mtu=1500\n"
>
> /32 should not have a broadcast address. Doesn't matter if the
> original /27 has a broadcast address, once you use /32, then the
> original broadcast address doesn't apply anymore as everything has to
> go thru the gateway.
>
> On a normal lxc (not lxd), I simply use this
>
> lxc.network.ipv4 = 50.30.36.58/32
> lxc.network.ipv4.gateway = 10.0.0.1
>
> and the result from inside the container:
> # ip ad li eth0
> 96: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
> state UP qlen 1000
>       link/ether 00:16:3e:c7:b9:d6 brd ff:ff:ff:ff:ff:ff
>     inet 50.30.36.58/32 brd 255.255.255.255 scope global eth0
>        valid_lft forever preferred_lft forever
>
> # ip route
> default via 10.0.0.1 dev eth0
> 10.0.0.1 dev eth0  scope link
>
> I'm guessing your broadcast setting caused the problem. Try removing
> it on two containers first, and see if they can ping each other. A
> "traceroute" between the two containers should also show that traffic
> goes THRU the gateway instead of directly to the other container's IP.
>
> --
> Fajar
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users

More information about the lxc-users mailing list