[lxc-users] re Networking issues with LXC containers in EC2

brian mullan bmullan.mail at gmail.com
Tue Jan 12 14:35:57 UTC 2016


Peter

On AWS, unless you are using VPC, I don't think you can use secondary
addresses because AWS won't route any of that traffic.  Also, with your
addresses, routing would be affected by the split-horizon problem with the
same network on 2 sides.

You probably know this ... but on AWS each instance has a Public & a
Private IP address.

If ec2-server1 pings ec2-server2's Public IP address...

Inside EC2, AWS redirects your server1-to-server2 pings to the Private IP of
server2, not the Public IP, even though that's what you input to the ping
command.  EC2 inter-instance traffic is always to/from the Private IP
addresses.

This can be useful & save $$ because traffic internal to EC2 doesn't get
charged to you like outbound or inbound traffic from the Internet does.

I install PeerVPN (www.peervpn.net) on my AWS servers to support
inter-server LXC communications.  It's dead simple to set up, it's an
auto-learning & full mesh VPN, and you can then interconnect not only LXC on
multiple AWS servers but on different Clouds like AWS & Digital Ocean
and/or your own servers at home/office.

It also doesn't require firewall changes beyond what you already use.

Flockport did a nice writeup on how to install/use PeerVPN
<https://www.flockport.com/build-layer2-and-layer-3-overlay-networks-with-peervpn/>
also.   Maybe that will help.