[lxc-users] re Networking issues with LXC containers in EC2

brian mullan bmullan.mail at gmail.com
Tue Jan 12 21:34:38 UTC 2016


All I did was install/configure PeerVPN on say server1 and server2 and make
sure they
connected.

While logged into each of your servers you should then be able to ping
10.x.x.x IP address of the other PeerVPN member server(s) ... assuming you
are using PeerVPN as an L2 VPN and not a L3 VPN.

The next step I did was to connect the TEP (tunnel end-point) to the LXCBR0
or in your case I guess the BR0 bridge to enable containers attached to
that bridge to pass data over the VPN tunnel.

Since the PeerVPN TEP interface (“peervpn0” in the Tutorial example) is
just like any other Linux ethernet interface we can use the “ip link”
command to connect the peervpn0 interface to the LXC lxcbr0 (or BR0)
bridge.    You need to do that on both of your server/instances.

*$ sudo ip link set dev peervpn0 master lxcbr0*
or

*       $ sudo ip link set dev peervpn0 master br0*

now the 10.x.x.x network (being an L2 VPN) is like one big ethernet from
the LXC container perspective on either host and you should be able to ping
from say cn1 on server1 to cn2 on server2.

I wrote up some of what I did a long time ago but I'd never gone back and
updated the info to reflect using a common dnsmasq for all containers on
all host/servers.   At the time I was just trying to see if it worked.

I don't know if my writeup
<https://bmullan.wordpress.com/2015/05/12/proof-of-concept-using-mesh-vpn-to-interconnect-lxc-containers-on-multiple-hosts-on-multiple-clouds/>
will help.

Brian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20160112/49756996/attachment.html>


More information about the lxc-users mailing list