On Thu, Mar 05, 2020 at 06:46:06PM +0100, Ede Wolf wrote: > Am 05.03.20 um 03:20 schrieb Serge E. Hallyn: > > and you currently > > need a privileged lxc-user-nic to setup network. > > Thanks, as that basically sums up my question, as this lxc-user nic only > seems to work with a standard bridge.
Currently. The /etc/lxc/lxc-usernet file was designed to be flexible enough to one day support other types. It's just noone has done it because noone's needed it. > Unless I am misinformed, which was > actually my hope. Or maybe there is something in the make to make this > lxc-user nic play along with macvlan or ipvlan. Not yet. > > By intercepting network connection related syscalls, > > you can avoid the need for privileged lxc-user-nic. > > This sounds more like hackish thing or is this interception part of lxc that > can be utilized? Any mere mortal compatible documentation on this? It sounds hackish because it's not nicely wrapped up for you yet. The whole container runtime was a hackish thing not much more than 10 years ago. > And a correction to my former post: it's ipvlan layer 3, not level 3 of > course. _______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users