[lxc-users] Determining a container's MAC address

Peter Steele pwsteele at gmail.com
Sun Sep 6 17:07:42 UTC 2015


On 09/06/2015 09:52 AM, Guido Jäkel wrote:
> Dear Peter,
>
> don't use a MAC prefix that is lower than that of the upstream device of the bridge the containers are attached: The Linux software bridge will use the lowest MAC of it's attached devices as the MAC of the outgoing packets. Therefore, you will risk short traffic interruptions to others, if you shutdown a Container and this one was the one with the lowest MAC on it's bridge. Because then, all network affected components outside have to learn a new MAC to route the packets for the remaining Containers to.
>
> I'm currently using a "quite high" prefix and a tail that is derived from the assigned IP. The same "formula" is used to setup a auxiliary DHCP server because use DHCP for the container network setup.
>
> 	HWADDR=`IP=${IP#*.}; printf "00:50:C2:%02X:%02X:%02X" ${IP//./ }`        # a.b.c.d -> 00:50:C2:bb:cc:dd (hex)
I was not aware of this behavior. Although I don't believe we've noticed 
any suspicious behavior in our network traffic, I can easily change our 
automation logic to use a high prefix for the containers that we create.

Thanks for the tip.

Peter



More information about the lxc-users mailing list