On Wed, Mar 25, 2015 at 9:01 PM, Chris Burroughs <chris.burrou...@gmail.com> wrote: > On 03/24/2015 06:00 PM, Fajar A. Nugraha wrote: >>> >>> create veth bridges inside a container on top of macvlan bridges? >> >> >> It works just fine on Ubuntu with an old lxc-1.0.7. > > > Thanks for checking! This is with lxc-1.0.7 on centos6 > >> Did you perhaps NOT have the bridge module loaded yet on the host? Try >> adding and removing a bridge on the host first to verify that >> everything works (including loading the necessary modules), and then >> retry your test on the container side. > > > I tried doing the bridge cycle on the physical host first and get the same > result.
So you can create bridge on the host just fine? In that case it shouldn't be module issue. - check how your containers are created. I'm using ubuntu container using download template, which comes correctly configured to have bridges inside containers. - check for permissions Since you use centos, it shouldn't be selinux issue. Probably device permission issue. Try various lxc.cgroup.devices.allow entries. Again, the ubuntu container using download template works fine, so you could probably start from its generated config file (and its includes). Do the same for lxc.cap.drop >> Note that this is assuming you'd be using the bridge to create an >> additional network, and NOT bridging the container's eth0 (which is a >> macvlan device). > > > I'm not sure I understand the details of linux networking enough to > appreciate the difference. Short version: bridging a macvlan device wont work If you still don't understand the implication, then I suggest you don't use macvlan, but rather stick with veth. -- Fajar _______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users