On Wed, Jun 13, 2012 at 1:22 PM, Sébastien Montagne <sebastien.monta...@gmail.com> wrote:
> Interesting ! > ARP reply are seen on eth0 and br0, but not on vethDPuPYq. If that's the case, I actually think the problem is in your setup. The bridge is supposed to forward all ethernet packets to the port with matching MAC address. If it doesn't, then it's either: - a security configuration prevents it from doing so (i.e. iptables/ebtables) - a bug > I use Debian stable, on both host and guest. I don't really like Debian :P Don't get me wrong, Debian is stable, but it's also the problem in this case: lxc is not exactly stable. And using debian stable with it's 2.6.32 kernel means you're using an old kernel, with (probably) known bugs w.r.t. lxc. I suggest you try ubuntu precise (with its kernel 2.6.32). Possibly on your workstation first (e.g. with virtualbox/kvm). > Another information : > I know some people succeeded to setup an LXC server with IPv6 host and > containers with LXC on Debian... on the same provider (OVH) ! > (in french) http://www.fiat-tux.fr/fr/2012/05/ipv6-ready/ > The approach seems to be different as eth0 and br0 seem not beeing linked > together... eth0 and br0 have different IPv6 addresses... It seems that they > keep eth0 and br0 independant, and that br0 is linked to dummy0. Also they > enable options (forwarding and proxy_ndp) in /etc/sysctl.conf. > It sounds that I'm not (yet) good enough at networks to really understand > all of that :) > > But my situation is slightly different because I would like one of the > containers to have a working IPv4 address. I actually think mac filtering might not be an issue in your setup, as arp reply already reach br0. I tend to think it's a bug in your kernel/bridge. As a final effort, you might be able to just create separate bridges with NAT, e.g: - br0 connected to eth1, using public IPv4. - br1 connected to the guest veth, using private IPv4 - setup static NAT (both SNAT and DNAT) -- Fajar ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users