note 1. An LXC container is attached to sx1 10.207.29.12 in a VM as shown below. Interface enp0s8 is the virtual NIC of the VM. Interface enp0s8 is a port on OvS sx1. I can ping the DNS/DHCP server from the VM.
[ubuntu@ol74a-server ~]$ ifconfig enp0s8 enp0s8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet6 fe80::6fa9:356a:157c:f4df prefixlen 64 scopeid 0x20<link> ether 08:00:27:78:ba:24 txqueuelen 1000 (Ethernet) RX packets 26 bytes 2660 (2.5 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 37 bytes 4778 (4.6 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [ubuntu@ol74a-server ~]$ ifconfig sx1 sx1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1420 inet 10.207.29.12 netmask 255.255.255.0 broadcast 10.207.29.255 inet6 fe80::a00:27ff:fe78:ba24 prefixlen 64 scopeid 0x20<link> ether 08:00:27:78:ba:24 txqueuelen 0 (Ethernet) RX packets 34 bytes 4404 (4.3 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 9 bytes 690 (690.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [ubuntu@ol74a-server ~]$ sudo ovs-vsctl show 1136907e-2980-4387-a939-7ca072762a96 Bridge "sx1" Port "oel73c11" Interface "oel73c11" Port "a3" Interface "a3" Port "enp0s8" Interface "enp0s8" Port "a1" Interface "a1" Port "a2" Interface "a2" Port "sx1" Interface "sx1" type: internal note 2: I can ping "olive" the DNS/DHCP server from the VM, I can ssh to "olive" and there demonstrate that the requisite DNS/DHCP is active and working: [ubuntu@ol74a-server ~]$ ping -c 3 olive PING olive.urdomain1.com (10.207.39.2) 56(84) bytes of data. 64 bytes from olive.urdomain1.com (10.207.39.2): icmp_seq=1 ttl=64 time=2.88 ms 64 bytes from olive.urdomain1.com (10.207.39.2): icmp_seq=2 ttl=64 time=0.440 ms 64 bytes from olive.urdomain1.com (10.207.39.2): icmp_seq=3 ttl=64 time=0.451 ms --- olive.urdomain1.com ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2001ms rtt min/avg/max/mdev = 0.440/1.257/2.882/1.149 ms [ubuntu@ol74a-server ~]$ ssh olive ubuntu@olive's password: Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.13.0-17-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage Last login: Thu Nov 23 23:24:49 2017 from 10.207.39.1 ubuntu@olive:~$ service isc-dhcp-server status Failed to connect to bus: No such file or directory Failed to connect to bus: No such file or directory ubuntu@olive:~$ sudo service isc-dhcp-server status [sudo] password for ubuntu: ● isc-dhcp-server.service - ISC DHCP IPv4 server Loaded: loaded (/lib/systemd/system/isc-dhcp-server.service; enabled; vendor preset: enabled) Active: active (running) since Thu 2017-11-23 23:43:09 UTC; 7min ago Docs: man:dhcpd(8) Main PID: 187 (dhcpd) CGroup: /system.slice/isc-dhcp-server.service └─187 dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf /etc/dhcp/dhcpd.conf eth0 eth1 Nov 23 23:44:22 olive dhcpd[187]: DHCPDISCOVER from 00:16:3e:99:78:05 (oel73c11) via eth1 Nov 23 23:44:22 olive dhcpd[187]: DHCPOFFER on 10.207.29.13 to 00:16:3e:99:78:05 (oel73c11) via eth1 Nov 23 23:44:34 olive dhcpd[187]: DHCPDISCOVER from 00:16:3e:99:78:05 (oel73c11) via eth1 Nov 23 23:44:34 olive dhcpd[187]: DHCPOFFER on 10.207.29.13 to 00:16:3e:99:78:05 (oel73c11) via eth1 Nov 23 23:44:48 olive dhcpd[187]: DHCPDISCOVER from 00:16:3e:99:78:05 (oel73c11) via eth1 Nov 23 23:44:48 olive dhcpd[187]: DHCPOFFER on 10.207.29.13 to 00:16:3e:99:78:05 (oel73c11) via eth1 Nov 23 23:44:59 olive dhcpd[187]: DHCPDISCOVER from 00:16:3e:99:78:05 (oel73c11) via eth1 Nov 23 23:44:59 olive dhcpd[187]: DHCPOFFER on 10.207.29.13 to 00:16:3e:99:78:05 (oel73c11) via eth1 Nov 23 23:45:08 olive dhcpd[187]: DHCPDISCOVER from 00:16:3e:99:78:05 (oel73c11) via eth1 Nov 23 23:45:08 olive dhcpd[187]: DHCPOFFER on 10.207.29.13 to 00:16:3e:99:78:05 (oel73c11) via eth1 ubuntu@olive:~$ sudo service bind9 status ● bind9.service - BIND Domain Name Server Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset: enabled) Drop-In: /run/systemd/generator/bind9.service.d └─50-insserv.conf-$named.conf Active: active (running) since Thu 2017-11-23 23:43:09 UTC; 7min ago Docs: man:named(8) Main PID: 185 (named) CGroup: /system.slice/bind9.service └─185 /usr/sbin/named -f -u bind Nov 23 23:43:09 olive named[185]: zone 27.172.in-addr.arpa/IN: loaded serial 1 Nov 23 23:43:09 olive named[185]: zone 22.172.in-addr.arpa/IN: loaded serial 1 Nov 23 23:43:09 olive named[185]: zone urdomain2.com/IN: loaded serial 1610212002 Nov 23 23:43:09 olive named[185]: zone 20.172.in-addr.arpa/IN: loaded serial 1 Nov 23 23:43:09 olive named[185]: zone 127.in-addr.arpa/IN: loaded serial 1 Nov 23 23:43:09 olive named[185]: zone 21.172.in-addr.arpa/IN: loaded serial 1 Nov 23 23:43:09 olive named[185]: zone 168.192.in-addr.arpa/IN: loaded serial 1 Nov 23 23:43:09 olive named[185]: zone 24.172.in-addr.arpa/IN: loaded serial 1 Nov 23 23:43:09 olive named[185]: all zones loaded Nov 23 23:43:09 olive named[185]: running ubuntu@olive:~$ exit logout Connection to olive closed. [ubuntu@ol74a-server ~]$ nslookup ol74a-server Server: 10.207.29.2 Address: 10.207.29.2#53 Name: ol74a-server.urdomain1.com Address: 10.207.39.12 [ubuntu@ol74a-server ~]$ note 3: In summary, a container "olive" provides containerized DNS/DHCP services, and the VM can successfully use those DNS/DHCP services. note 4: Now I start LXC container "oel73c11" on OvS sx1 but I have no connectivity to the 10.207.29.x network. I get [root@oel73c11 /]# ping 10.207.29.2 connect: Network is unreachable When I trace packets with dhcpdump on the physical host I get nothing if only eth0 on sx1 is started in the oel73c11 container, but if set eth0 in oel73c11 container to start on the default lxcbr0 (which can reach 10.207.29.2 olive) now I get a DHCPNAK message as shown below. ubuntu@athens:~$ sudo dhcpdump -i sx1 TIME: 2017-11-23 18:02:19.534 IP: 0.0.0.0 (0:16:3e:99:78:8) > 255.255.255.255 (ff:ff:ff:ff:ff:ff) OP: 1 (BOOTPREQUEST) HTYPE: 1 (Ethernet) HLEN: 6 HOPS: 0 XID: 41de231b SECS: 0 FLAGS: 0 CIADDR: 0.0.0.0 YIADDR: 0.0.0.0 SIADDR: 0.0.0.0 GIADDR: 0.0.0.0 CHADDR: 00:16:3e:99:78:08:00:00:00:00:00:00:00:00:00:00 SNAME: . FNAME: . OPTION: 53 ( 1) DHCP message type 3 (DHCPREQUEST) OPTION: 50 ( 4) Request IP address 10.42.147.244 OPTION: 12 ( 8) Host name oel73c11 OPTION: 55 ( 13) Parameter Request List 1 (Subnet mask) 28 (Broadcast address) 2 (Time offset) 121 (Classless Static Route) 15 (Domainname) 6 (DNS server) 12 (Host name) 40 (NIS domain) 41 (NIS servers) 42 (NTP servers) 26 (Interface MTU) 119 (Domain Search) 3 (Routers) --------------------------------------------------------------------------- TIME: 2017-11-23 18:02:19.534 IP: 10.207.29.2 (0:16:3e:ce:de:26) > 255.255.255.255 (ff:ff:ff:ff:ff:ff) OP: 2 (BOOTPREPLY) HTYPE: 1 (Ethernet) HLEN: 6 HOPS: 0 XID: 41de231b SECS: 0 FLAGS: 7f80 CIADDR: 0.0.0.0 YIADDR: 0.0.0.0 SIADDR: 0.0.0.0 GIADDR: 0.0.0.0 CHADDR: 00:16:3e:99:78:08:00:00:00:00:00:00:00:00:00:00 SNAME: . FNAME: . OPTION: 53 ( 1) DHCP message type 6 (DHCPNAK) OPTION: 54 ( 4) Server identifier 10.207.29.2 OPTION: 56 ( 31) Message requested address not available --------------------------------------------------------------------------- TIME: 2017-11-23 18:02:19.534 IP: 0.0.0.0 (0:16:3e:99:78:8) > 255.255.255.255 (ff:ff:ff:ff:ff:ff) OP: 1 (BOOTPREQUEST) HTYPE: 1 (Ethernet) HLEN: 6 HOPS: 0 XID: 3e62b47c SECS: 0 FLAGS: 0 CIADDR: 0.0.0.0 YIADDR: 0.0.0.0 SIADDR: 0.0.0.0 GIADDR: 0.0.0.0 CHADDR: 00:16:3e:99:78:08:00:00:00:00:00:00:00:00:00:00 SNAME: . FNAME: . OPTION: 53 ( 1) DHCP message type 1 (DHCPDISCOVER) OPTION: 12 ( 8) Host name oel73c11 OPTION: 55 ( 13) Parameter Request List 1 (Subnet mask) 28 (Broadcast address) 2 (Time offset) 121 (Classless Static Route) 15 (Domainname) 6 (DNS server) 12 (Host name) 40 (NIS domain) 41 (NIS servers) 42 (NTP servers) 26 (Interface MTU) 119 (Domain Search) 3 (Routers) --------------------------------------------------------------------------- Are there any additional settings needed to get DHCP to work from an LXC container going through a VM to the physical host where the DNS/DHCP is running? container--> sx1 on VM --> sx1 on Phys Host --> olivex port on sx1 --> olive Thanks, -- Gilbert Standen Creator Orabuntu-LXC 914-261-4594 gilb...@orabuntu-lxc.com
_______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss