[lxc-users] LXC containers w/ static IPs work on some hosts, not on others

Marat Khalili mkh at rqc.ru
Thu Oct 20 18:32:19 UTC 2016


Hello,

I use lxc (not lxd!) with static IP addresses. Here's my config (Ubuntu 
16.04):

/etc/network/interfaces:

> auto br1
> iface br1 inet static
>     bridge_ports eno1
>     bridge_fd 0
>     address 10... # host ip configuration follows

/etc/lxc/default.conf:

> lxc.network.type = veth
> lxc.network.link = br1
> lxc.network.flags = up
> lxc.network.hwaddr = 00:16:3e:xx:xx:xx

/var/lib/lxc/test/rootfs/etc/network/interfaces:

> auto eth0
> iface eth0 inet static
>     address 10... #container ip configuration follows

You seem to use macvlan. It is explicitly designed to prevent containers 
from talking to each other (they can only talk via an external router), and 
it complicates things, e.g. it requires router support (which might be a 
problem in your case). Unless you specifically need this feature you may 
have better results (and performance) with a bridge like the one above.

Unfortunately, many places on the web teach people to configure macvlan 
with containers without really explaining why.

--

With Best Regards,
Marat Khalili
  

On 20/10/16 20:33, Michael Peek wrote:
> Hi gurus,
>
> I'm scratching my head again.  I'm using the following commands to 
> create an LXC container with a static IP address:
>
>     # lxc-create -n my-container-1 -t download -- -d ubuntu -r xenial -a amd64
>
>     # vi /var/lib/lxc/my-container-1/config
>
>     Change:
>     # Network configuration
>     # lxc.network.type = veth
>     # lxc.network.link = lxcbr0
>     # lxc.network.flags = up
>     # lxc.network.hwaddr = 00:16:3e:0d:ec:13
>     lxc.network.type = macvlan
>     lxc.network.link = eno1
>
>     # vi /var/lib/lxc/my-container-1/rootfs/etc/network/interfaces
>
>     Change:
>     #iface eth0 inet dhcp
>     iface eth0 inet static
>       address xxx.xxx.xxx.4
>       netmask 255.255.255.0
>       network xxx.xxx.xxx.0
>       broadcast xxx.xxx.xxx.255
>       gateway xxx.xxx.xxx.1
>       dns-nameservers xxx.xxx.0.66 xxx.xxx.128.66 8.8.8.8
>       dns-search my.domain
>
>     # lxc-start -n my-container-1 -d
>
>
> It failed to work.  I reviewed my notes from past posts to the list 
> but found no discrepancies.  So I deleted the container and tried it 
> on another host -- and it worked.  Next I deleted that container and 
> went back to the first host, and it failed.  Lastly, I tried the above 
> steps on multiple hosts and found that it works fine on some hosts, 
> but not on others, and I have no idea why.  On hosts where this fails 
> there are no error messages, but the container can't access the 
> network, and nothing on the network can access the container.
>
> Is there some step that I'm missing?
>
> Thanks for any help,
>
> Michael Peek
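
Added example, not part of the original thread: a shell function that reads LXC 1.x/2.0 container configs and reports, per NIC, whether it is a bridged veth or a macvlan and what that means for container-to-container traffic. The function name lxc_net_audit and the verdict labels are hypothetical; the script assumes the lxc.network.* key format shown in the messages above and that macvlan mode defaults to private when lxc.network.macvlan.mode is unset.

```shell
# Added example (not from the thread); lxc_net_audit and verdicts are made-up names.
# Output per NIC: <config> <type> <link> <macvlan mode or -> <verdict>
# On a host: lxc_net_audit /var/lib/lxc/*/config
lxc_net_audit() {
    for cfg in "$@"; do
        [ -r "$cfg" ] || continue
        awk -v file="$cfg" '
            function emit() {
                if (type == "") return
                if (type == "macvlan") {
                    if (mode == "") mode = "private"   # assumed LXC default
                    verdict = "other"
                    if (mode == "private") verdict = "peers-blocked"
                    if (mode == "vepa") verdict = "peers-via-external-switch"
                    if (mode == "bridge") verdict = "peers-direct"
                } else {
                    mode = "-"
                    verdict = (type == "veth" && link != "") ? "bridge-attached" : "other"
                }
                if (link == "") link = "-"
                printf "%s %s %s %s %s\n", file, type, link, mode, verdict
                type = link = mode = ""
            }
            /^[ \t]*#/ { next }    # commented-out setting
            /^[ \t]*$/ { next }    # blank line
            {
                eq = index($0, "=")
                if (eq == 0) next
                key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
                gsub(/^[ \t]+|[ \t]+$/, "", key)
                gsub(/^[ \t]+|[ \t]+$/, "", val)
                # Each lxc.network.type line starts a new NIC definition.
                if (key == "lxc.network.type") { emit(); type = val }
                if (key == "lxc.network.link") link = val
                if (key == "lxc.network.macvlan.mode") mode = val
            }
            END { emit() }
        ' "$cfg"
    done
}

# Constructed sample mirroring the macvlan stanza quoted above.
sample=$(mktemp)
printf '%s\n' '# lxc.network.type = veth' 'lxc.network.type = macvlan' \
    'lxc.network.link = eno1' > "$sample"
lxc_net_audit "$sample"; rm -f "$sample"
```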
