On 04/06/13, Papp Tamas (tom...@martos.bme.hu) wrote:
> On 06/03/2013 06:55 PM, Rory Campbell-Lange wrote:
> >
> > I can ssh into the main host from the lxc host. However I cannot hit the
> > internet from the lxc host. I'd be grateful for some pointers.
> >
> > At present I have the following configuration on the host:
> >
> > auto br0
> > iface br0 inet static
> > bridge_ports eth0
> > bridge_fd 0
> > address aa.bb.cc.103
> > netmask 255.255.255.192
> > gateway aa.bb.cc.65
> >
> > and the following in the container config:
> >
> > lxc.utsname = wheezy05
> > lxc.network.type = veth
> > lxc.network.flags = up
> > lxc.network.link = br0
> > lxc.network.ipv4 = aa.bb.cc.87/26
> > lxc.network.hwaddr = 00:1E:83:8D:7C:25
> >
> > with the following in wheezy05's /etc/network/interfaces file:
> >
> > auto eth0
> > # iface eth0 inet dhcp
> > iface eth0 inet static
> > address aa.bb.cc.87
> > netmask 255.255.255.192
> > gateway aa.bb.cc.65
> >
> > One specific issue I found:
> >
> > * it looks like the container address is assigned at startup and the
> > 'interfaces' network stanza is not run -- I have to assign the
> > gateway by hand
>
> So you can or can not hit the internet? It's not clear, what your
> problem is exactly It's also not clear, which one you mean by 'lxc
> host'.
>
> Do you really mean the machine, where containers are running, or lxc
> host is actually the guest?
>
> You don't need to use lxc.network.ipv4, if you setup the network from
> the container.
Hi Tamas
Thanks very much for your email. First of all thanks very much for the
note about the lxc.network.ipv4 paramenter -- I disabled that and
routing seems to be fine.
My question was unclear -- sorry! My host is on the internet. I can ssh
from the guest to the host over the bridge, but I can't route out of the
subnet. Do I need iptables masquerading on the host in this scenario?
host 'ip addr' output with the guest running:
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master
br0 state UP qlen 1000
link/ether 00:e0:81:4c:bc:f6 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UP qlen 1000
link/ether 00:e0:81:4c:bc:f7 brd ff:ff:ff:ff:ff:ff
inet 192.168.9.9/27 brd 192.168.9.31 scope global eth1
inet6 fe80::2e0:81ff:fe4c:bcf7/64 scope link
valid_lft forever preferred_lft forever
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 00:e0:81:4c:bc:f6 brd ff:ff:ff:ff:ff:ff
inet aa.bb.cc.103/26 brd aa.bb.cc.127 scope global br0
inet6 fe80::2e0:81ff:fe4c:bcf6/64 scope link
valid_lft forever preferred_lft forever
36: vethklhgjT: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
master br0 state UP qlen 1000
link/ether fe:ae:36:71:d7:2b brd ff:ff:ff:ff:ff:ff
inet6 fe80::fcae:36ff:fe71:d72b/64 scope link
valid_lft forever preferred_lft forever
Regards
Rory
--
Rory Campbell-Lange
r...@campbell-lange.net
------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. A cloud service to automate IT design, transition and operations
2. Dashboards that offer high-level views of enterprise services
3. A single system of record for all IT processes
http://p.sf.net/sfu/servicenow-d2d-j
_______________________________________________
Lxc-users mailing list
Lxc-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-users
