Re: [Lxc-users] LXC Container: Network Configuration

Patrick Kevin McCaffrey Wed, 30 Nov 2011 15:17:43 -0800

On Wed, Nov 30, 2011 at 12:16 AM, C Anthony Risinger <[email protected]> wrote:


> i'm not a networking guru, but i've inlined a few comments.  i also
> don't use debian/ubuntu so i'm unsure the correct way to solve them
>
> ... my guess is you
> don't really want to enslave any physical devices to the bridge (br0).
>  simply allow the bridge to act as a virtual "switch" and let routing
> do the rest :-)

beh, i got a little long-winded and forgot the best part!  if this
guess is correct (you want your 4 existing networks/cards to remain as
is, and add LXC guests to the mix), try removing:

bridge_ports eth1

... from the `br0` config -- this alone might be enough to fix -- you
may still need to:

ip link set br0 up

... to force the bridge to an UP state.  `ifup br0` probably works
too.  but honestly, if you remove `bridge_ports`, i think everything
might Just Work.

-- 

C Anthony

____________________________________________________________________________

First off, thanks for all the help thus far.  I was unaware that you could 
create a bridge without attaching it to a physical interface - this is exactly 
what I'd like to do.  I removed the "bridge_ports" line from 
/etc/network/interfaces and rebooted.

br0 does not come up automatically, as I'd like it to, but after using brctl to 
add br0, and then ifconfig to bring it to an "up" state, I get much more 
promising results in each of the commands you listed:

____ip route____:

default via 174.102.192.1 dev eth4  metric 100 
169.254.0.0/16 dev eth4  scope link  metric 1000 
174.102.192.0/19 dev eth4  proto kernel  scope link  src 174.102.217.33 
192.168.10.0/24 dev eth0  proto kernel  scope link  src 192.168.10.1 
192.168.20.0/24 dev eth1  proto kernel  scope link  src 192.168.20.1 
192.168.30.0/24 dev eth2  proto kernel  scope link  src 192.168.30.1 
192.168.40.0/24 dev eth3  proto kernel  scope link  src 192.168.40.1 
192.168.80.0/24 dev br0  proto kernel  scope link  src 192.168.80.1 


___route n___:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         174.102.192.1   0.0.0.0         UG    100    0        0 eth4
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth4
174.102.192.0   0.0.0.0         255.255.224.0   U     0      0        0 eth4
192.168.10.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.20.0    0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.30.0    0.0.0.0         255.255.255.0   U     0      0        0 eth2
192.168.40.0    0.0.0.0         255.255.255.0   U     0      0        0 eth3
192.168.80.0    0.0.0.0         255.255.255.0   U     0      0        0 br0



___ip link___:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP 
qlen 1000
    link/ether 00:04:23:09:6a:14 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP 
qlen 1000
    link/ether 00:04:23:09:6a:15 brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP 
qlen 1000
    link/ether 00:04:23:09:6a:16 brd ff:ff:ff:ff:ff:ff
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP 
qlen 1000
    link/ether 00:04:23:09:6a:17 brd ff:ff:ff:ff:ff:ff
6: eth4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 576 qdisc pfifo_fast state UP 
qlen 1000
    link/ether 00:0f:1f:fa:51:33 brd ff:ff:ff:ff:ff:ff
7: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state 
DOWN qlen 1000
    link/ether 00:13:f7:3b:2c:7c brd ff:ff:ff:ff:ff:ff
10: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP 
    link/ether 92:44:1c:32:07:06 brd ff:ff:ff:ff:ff:ff
12: vethTu1nnI: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc 
pfifo_fast master br0 state UP qlen 1000
    link/ether 92:44:1c:32:07:06 brd ff:ff:ff:ff:ff:ff


___ip addr___:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP 
qlen 1000
    link/ether 00:04:23:09:6a:14 brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.1/24 brd 192.168.10.255 scope global eth0
    inet6 fe80::204:23ff:fe09:6a14/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP 
qlen 1000
    link/ether 00:04:23:09:6a:15 brd ff:ff:ff:ff:ff:ff
    inet 192.168.20.1/24 brd 192.168.20.255 scope global eth1
    inet6 fe80::204:23ff:fe09:6a15/64 scope link 
       valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP 
qlen 1000
    link/ether 00:04:23:09:6a:16 brd ff:ff:ff:ff:ff:ff
    inet 192.168.30.1/24 brd 192.168.30.255 scope global eth2
    inet6 fe80::204:23ff:fe09:6a16/64 scope link 
       valid_lft forever preferred_lft forever
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP 
qlen 1000
    link/ether 00:04:23:09:6a:17 brd ff:ff:ff:ff:ff:ff
    inet 192.168.40.1/24 brd 192.168.40.255 scope global eth3
    inet6 fe80::204:23ff:fe09:6a17/64 scope link 
       valid_lft forever preferred_lft forever
6: eth4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 576 qdisc pfifo_fast state UP 
qlen 1000
    link/ether 00:0f:1f:fa:51:33 brd ff:ff:ff:ff:ff:ff
    inet 174.102.217.33/19 brd 255.255.255.255 scope global eth4
7: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state 
DOWN qlen 1000
    link/ether 00:13:f7:3b:2c:7c brd ff:ff:ff:ff:ff:ff
10: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP 
    link/ether 92:44:1c:32:07:06 brd ff:ff:ff:ff:ff:ff
    inet 192.168.80.1/24 brd 192.168.80.255 scope global br0
    inet6 fe80::9044:1cff:fe32:706/64 scope link 
       valid_lft forever preferred_lft forever
12: vethTu1nnI: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc 
pfifo_fast master br0 state UP qlen 1000
    link/ether 92:44:1c:32:07:06 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::9044:1cff:fe32:706/64 scope link 
       valid_lft forever preferred_lft forever



However, I'm still unable to access the internet from within my container.  I 
can ping the container (192.168.80.2) from the host machine, and the host 
machine from the container. But, from the container, I can only reach the host 
machine at 192.168.80.1, which is odd, as anywhere else on the network (any of 
the subnets), I can access the main machine at 192.168.X0.1 (where X is 1, 2, 
3, 4 _OR EVEN_ 8 --- which is the bridge subnet).

Again, thanks for the help.  Any other mailing list etiquette is appreciated as 
well (I'm more of a forum guy, but no forums seem too well versed in 
containers, which left me here.  I know this is more a networking issue at this 
point, but everyone that replies to this list seems  reasonably knowledgeable 
all around, not stricly LXC stuff).

Pat


------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure 
contains a definitive record of customers, application performance, 
security threats, fraudulent activity, and more. Splunk takes this 
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Lxc-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/lxc-users

Re: [Lxc-users] LXC Container: Network Configuration

Reply via email to