I’m trying to setup multiple LXC containers on a host, each with public static IPs of their own.
My host is running the latest Ubuntu. It has a single network interface named eth0. The static IPs are pingable from the internet and are named eth0:210, eth0:211… The numbers after the colon are the least significant byte of the addresses. In addition to these interfaces I have br0 setup on the host’s public IP. There are also the lo, veth2LPP9A, and lxcbr0 interfaces. The lxcbr0 has the address of a private IP.
The host /etc/network/interfaces looks like:
auto br0 iface br0 inet static bridge_ports eth0 bridge_fd 0 [...]
So far I’ve used various online sources, including Bridging LXC containers to host eth0 so they can have a public IP to help me set this up.
The container’s config file has:
lxc.network.type = veth lxc.network.link = br0
I’ve removed the static lxc.network.ipv4 configuration from this file since it caused problems. When I ran lxc-ls –fancy with this configuration, I’d see the same public IP twice in the output. Additionally, it would mess with the subnet configuration of the container’s /etc/network/interfaces.
Speaking of the container’s interfaces file, it looks a bit like:
auto eth0 iface eth0 inet static address [...] netmask 255.255.255.255 #gateway [...] dns-nameservers 18.104.22.168 post-up route add [...] dev eth0 post-up route add default gw [...] post-down route del [...] dev eth0 post-down route del default gw [...]
I had to comment out the gateway and add the route add commands to this file. Otherwise, the container would take minutes to boot.
The /proc/sys/net/bridge/bridge-nf-* files on the host are all set to 0. The /proc/sys/net/ipv4/ip_forward value is 1.
The problem is, even though the container’s “route -n” looks like it should, I can’t ping out of the container. SSHing to what should be the container’s IP, connects me to the host.
EDIT: Removing the container’s static IP from the host did help, but now I’m getting a new error. Trying to ping the container from the host results in Redirect HostFrom , New nexthop. The packets are just going from the gateway to the host, repeatedly. Running a traceroute from the host shows that the first stop is at the gateway. Then all of the other routes are * * *. I get the same problem regardless if the container is online or not.
Since you are bridging, you need to set the IP addresses in the container only, and not on the host. The host should only have its own IP address(es).
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.