LXC bridge on Debian jessie

New:

Insert the following in /etc/network/interfaces:

auto lxc-bridge-nat
iface lxc-bridge-nat inet static
        bridge_ports none
        bridge_fd 0
        bridge_maxwait 0
        address 192.168.100.1
        netmask 255.255.255.0
        up iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
  • Give this command to enable forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

@see https://wiki.debian.org/LXC/SimpleBridge

 

@see http://serverfault.com/questions/664534/lxc-container-gets-2-ip-addresses

Old:

I don’t (didn’t) know why I have so much problems with bridged adapters on Debian. Specially using LXC.

Here is my solution:

  1. Install lxc (hope you know how to do it)
  2. Install # aptitude install bridge-utils
  3. Edit  /etc/network/interfaces. I will use eth1 for bridge port.Add the following:

    auto eth1
    iface eth1 inet dhcp

    auto lxcbr0
    iface lxcbr0 inet static
    address 10.0.3.1
    netmask 255.255.255.0
    bridge_ports eth1
    pre-up brctl addbr lxcbr0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward

  4. Restart network. “# /etc/init.d/networking restart”
  5. Check $ ifconfig for lxcbr0 adapter. If there is no adapter – reboot.
  6. Check internet connection. If there is internet on both lxc container and host – skip reading.
  7. Type “route -n”
  8. Lxcbr0 should have higher number (use it after trying to use other devices.
  9. Change lxcbr0 priority. “# ifmetric lxcbr0 10000”

To persist metric option add configuration key in /etc/network/interfaces

auto eth1
iface eth1 inet dhcp
metric 100

  1. Restart network -> “# /etc/init.d/networking restart”
  2. Example of container config:

lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = lxcbr0
lxc.network.name = eth0
lxc.network.ipv4 = 10.0.3.70

Now you could access container on 10.0.3.70. And you could access host from container on 10.0.3.1

 

There is (pretty big) chance that you get the following issue during boot:

A start job is running for LSB: Raise network interfaces

This will happen when eth1 have no connection. It is possible to have no internet when this happen. E.g. you have unplugged eth1, but plugged eth0. Then see step #9 and change interface metrics.

Normally ahavi should start when cable is unplugged. This allow you to have IP on eth1 and be able to use the lxcbr0.

This entry was posted in Debian, Linux, Virtualization. Bookmark the permalink.