Re: [Lxc-users] Network configuration
On Thu, 2011-02-03 at 09:09 -0800, Dean Mao wrote: > You can just add a new bridge with "brctl addbr br7" if you wanted to > add a bridge 7... then configure it with "ifconfig br7 172.16.0.1 > netmask 255.255.255.0 up" and you'll have a new network on the same > computer. Didn't know that... I thought it would always require an associated interface. Thanks! Andre -- The modern datacenter depends on network connectivity to access resources and provide services. The best practices for maximizing a physical server's connectivity to a physical network are well understood - see how these rules translate into the virtual world? http://p.sf.net/sfu/oracle-sfdevnlfb ___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
Re: [Lxc-users] Network configuration
The bridges are essentially dummy interfaces -- you can add as many as you want, and have them on random networks if you want, and have complicated routing schemes between them. I don't think you need to create a dummy interface anywhere. You can just add a new bridge with "brctl addbr br7" if you wanted to add a bridge 7... then configure it with "ifconfig br7 172.16.0.1 netmask 255.255.255.0 up" and you'll have a new network on the same computer. On Thu, Feb 3, 2011 at 3:44 AM, Andre Nathan wrote: > On Thu, 2011-02-03 at 09:13 -0200, Andre Nathan wrote: > > eth0 -> external network > > eth1 -> 10.0.0.0/16 network > > containers -> 192.168.0.0/16 network > > Hmm I managed to do this creating a dummy interface and setting up a > bridge on it, so now I have > > eth0 -> external network > eth1 -> 10.0.0.0/16 network > dummy0/br0 -> 192.168.0.0/16 network > > Is this configuration supported? > > Thanks > Andre > > > > -- > Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! > Finally, a world-class log management solution at an even better > price-free! > Download using promo code Free_Logger_4_Dev2Dev. Offer expires > February 28th, so secure your free ArcSight Logger TODAY! > http://p.sf.net/sfu/arcsight-sfd2d > ___ > Lxc-users mailing list > Lxc-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/lxc-users > -- Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
Re: [Lxc-users] Network configuration
On Thu, 2011-02-03 at 09:13 -0200, Andre Nathan wrote: > eth0 -> external network > eth1 -> 10.0.0.0/16 network > containers -> 192.168.0.0/16 network Hmm I managed to do this creating a dummy interface and setting up a bridge on it, so now I have eth0 -> external network eth1 -> 10.0.0.0/16 network dummy0/br0 -> 192.168.0.0/16 network Is this configuration supported? Thanks Andre -- Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d ___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
Re: [Lxc-users] Network configuration
On Wed, 2011-02-02 at 12:07 -0800, Dean Mao wrote: > Yeah, it's quite easy to do this. Here's my lxc network config from > one of my machines: > > > lxc.network.type = veth > lxc.network.flags = up > lxc.network.link = br1 > lxc.network.ipv4 = 192.168.0.4/24 > > > My outside network is eth0/br0, and my inside network is just br1. I > add these rules to forward br0 to br1: > > > iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE > iptables -A FORWARD -i br0 -o br1 -m state --state RELATED,ESTABLISHED > -j ACCEPT > iptables -A FORWARD -i br1 -o br0 -j ACCEPT > > > The br1 bridge connects all the lxc containers together on the same > host, eth0/br0 offers a connection to the outside world should one of > the containers require it. Doesn't this require br1 and the containers to be on the same network? Is works for me as long as the internal interface bridge and the containers share the same network, but I would like to have something like this: eth0 -> external network eth1 -> 10.0.0.0/16 network containers -> 192.168.0.0/16 network Thank, Andre -- Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d ___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
Re: [Lxc-users] Network configuration
Yeah, it's quite easy to do this. Here's my lxc network config from one of my machines: lxc.network.type = veth lxc.network.flags = up lxc.network.link = br1 lxc.network.ipv4 = 192.168.0.4/24 My outside network is eth0/br0, and my inside network is just br1. I add these rules to forward br0 to br1: iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE iptables -A FORWARD -i br0 -o br1 -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i br1 -o br0 -j ACCEPT The br1 bridge connects all the lxc containers together on the same host, eth0/br0 offers a connection to the outside world should one of the containers require it. On Wed, Feb 2, 2011 at 11:19 AM, Andre Nathan wrote: > Hello > > My host is configured with two networks as below: > > eth0: external network a.b.c.d/24 > eth1: internal network 10.1.0.0/16 > > I would like to configure my containers to belong to a third network > (say, 10.2.0.0/16), and then set up two NAT rules (one for eth0 and one > for eth1) to allow them to access the apropriate networks. > > Is this possible? On all example configurations I found, the containers > always belong to a network that the host also belongs too, using > bridges. Is this a requirement? > > Thanks > Andre > > > > > -- > Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! > Finally, a world-class log management solution at an even better > price-free! > Download using promo code Free_Logger_4_Dev2Dev. Offer expires > February 28th, so secure your free ArcSight Logger TODAY! > http://p.sf.net/sfu/arcsight-sfd2d > ___ > Lxc-users mailing list > Lxc-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/lxc-users > -- Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
[Lxc-users] Network configuration
Hello My host is configured with two networks as below: eth0: external network a.b.c.d/24 eth1: internal network 10.1.0.0/16 I would like to configure my containers to belong to a third network (say, 10.2.0.0/16), and then set up two NAT rules (one for eth0 and one for eth1) to allow them to access the apropriate networks. Is this possible? On all example configurations I found, the containers always belong to a network that the host also belongs too, using bridges. Is this a requirement? Thanks Andre -- Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d ___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
