Eth0 on lxc does not work

Tags: bridge, lxc, networking

I am having a problem where eth0 in my LXC container does not work. I already tried
Bridging LXC containers to host eth0 so they can have a public IP, but it does not help.

On my host (Ubuntu on virtualbox):

# cat /proc/sys/net/ipv4/ip_forward
1

config

# cat /var/lib/lxc/config
lxc.config
lxc.utsname=ubuntu
lxc.network.type=veth
lxc.network.link=br0
lxc.network.flags=up

I created a container with the above config

# lxc-create -t centos -f config -n centos1

then launch

# lxc-start -d -n centos1
# lxc-console -n centos1

It seems veth is properly connected because the host machine says

# brctl show
bridge name    bridge id           STP enabled    interfaces
br0            8000.080027bb0aca   no             eth0
                                                  veth48BKPz
lxcbr0         8000.000000000000   no

And the default gateway also seems to be set correctly on the host

# route -n
Kernel IP routing table
Destination    Gateway        Genmask          Flags    Metric  Ref   Use  Iface
0.0.0.0        192.168.11.1   0.0.0.0          UG       100     0       0  br0
10.0.3.0       0.0.0.0        255.255.255.0    U        0       0       0  lxcbr0
192.168.11.0   0.0.0.0        255.255.255.0    U        0       0       0  br0

On the LXC container

# route -n
Kernel IP routing table
Destination    Gateway        Genmask          Flags    Metric  Ref   Use  Iface
0.0.0.0        192.168.11.1   0.0.0.0          UG       0       0       0  eth0
169.254.0.0    0.0.0.0        255.255.0.0      U        1009    0       0  eth0
192.168.11.0   0.0.0.0        255.255.255.0    U        0       0       0  eth0

Any help?

Best Answer

Do you have iptables (or ip6tables) enabled on your host? If you do, you need to ACCEPT the traffic on the FORWARD chain of your bridge with:

iptables -A FORWARD -p all -i br0 -j ACCEPT

The reason is that the br-nf (bridge-netfilter) option is enabled by default in the 2.6 kernel, so the bridged traffic goes through iptables. You could disable it by doing:

echo 0 > /proc/sys/net/bridge/bridge-nf-call-arptables
echo 0 > /proc/sys/net/bridge/bridge-nf-call-iptables
echo 0 > /proc/sys/net/bridge/bridge-nf-call-ip6tables

Follow this link for more information on ebtables/iptables interaction on a Linux-based bridge.
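The check described in this answer, written up as an added diagnostic script (it is not part of the question or the answer above). It reproduces the decision the answer makes: when `bridge-nf-call-iptables` is 1, frames switched by the bridge are evaluated by the host's iptables FORWARD chain, first matching rule wins, and the chain policy decides when nothing matches. The `iptables -S FORWARD` listings below are constructed samples, not captured from the asker's host, and the rule matching is a heuristic (it understands `-i`, `-o`, `-j ACCEPT`, `-j DROP` and `-j REJECT`; negations, interface wildcards and `-m physdev` matches are not modelled). Run it with `--live` as root to inspect a real host.

```shell
#!/bin/sh
# Added helper, not from the original post. Decides whether bridged traffic on a
# given bridge is subject to the host's iptables FORWARD chain, and if so
# whether the chain lets it through.
#
# Arguments are passed in explicitly so the logic can be exercised offline:
#   $1  bridge name, e.g. br0
#   $2  contents of /proc/sys/net/bridge/bridge-nf-call-iptables ("0" or "1")
#   $3  output of `iptables -S FORWARD` (policy line followed by rules)
#
# Prints exactly one of: BYPASS, ACCEPT_RULE, POLICY_ACCEPT, BLOCKED
bridge_forward_verdict() {
    bridge=$1
    nf_call=$2
    rules=$3

    # bridge-nf-call-iptables=0: frames are switched by the bridge without
    # entering iptables at all, so the FORWARD chain cannot drop them.
    if [ "$nf_call" = "0" ]; then
        echo BYPASS
        return 0
    fi

    # Walk the FORWARD rules in order; the first one that applies to frames
    # bridged on $bridge (both -i and -o are the bridge itself) decides.
    verdict=""
    while IFS= read -r line; do
        case $line in
            "-A FORWARD"*) ;;
            *) continue ;;
        esac
        # Skip rules bound to a different input interface.
        case $line in
            *" -i "*) case $line in *" -i $bridge "*) ;; *) continue ;; esac ;;
        esac
        # Skip rules bound to a different output interface.
        case $line in
            *" -o "*) case $line in *" -o $bridge "*) ;; *) continue ;; esac ;;
        esac
        case $line in
            *" -j ACCEPT")                 verdict=ACCEPT_RULE; break ;;
            *" -j DROP" | *" -j REJECT"*)  verdict=BLOCKED;     break ;;
        esac
    done <<EOF
$rules
EOF
    if [ -n "$verdict" ]; then
        echo "$verdict"
        return 0
    fi

    # No rule matched: the chain policy applies.
    case $rules in
        *"-P FORWARD ACCEPT"*) echo POLICY_ACCEPT ;;
        *)                     echo BLOCKED ;;
    esac
}

# Prints the remedy from the answer when the verdict is BLOCKED. Note that
# `-A` appends, so if an earlier rule already drops the traffic, the rule has
# to be inserted ahead of it with `iptables -I FORWARD ...` instead.
recommend_fix() {
    bridge=$1
    case $(bridge_forward_verdict "$@") in
        BLOCKED) echo "iptables -A FORWARD -i $bridge -j ACCEPT   # or: sysctl -w net.bridge.bridge-nf-call-iptables=0" ;;
        *)       echo "no change needed" ;;
    esac
}

# Constructed sample FORWARD listings (hypothetical, not from the asker's host).
SAMPLE_OPEN='-P FORWARD ACCEPT'
SAMPLE_DROP_POLICY='-P FORWARD DROP
-A FORWARD -i lxcbr0 -j ACCEPT
-A FORWARD -o lxcbr0 -j ACCEPT'
SAMPLE_FIXED='-P FORWARD DROP
-A FORWARD -i lxcbr0 -j ACCEPT
-A FORWARD -i br0 -j ACCEPT'
SAMPLE_EARLY_DROP='-P FORWARD ACCEPT
-A FORWARD -j DROP
-A FORWARD -i br0 -j ACCEPT'

# Live mode (needs root): read the real sysctl and chain, then report.
# A missing /proc entry means br_netfilter is not loaded, which is equivalent to 0.
if [ "${1:-}" = "--live" ]; then
    br=${2:-br0}
    nf=$(cat /proc/sys/net/bridge/bridge-nf-call-iptables 2>/dev/null || echo 0)
    chain=$(iptables -S FORWARD 2>/dev/null || true)
    echo "verdict: $(bridge_forward_verdict "$br" "$nf" "$chain")"
    recommend_fix "$br" "$nf" "$chain"
fi
```

With the asker's setup (default LXC rules only accept lxcbr0 traffic), the `SAMPLE_DROP_POLICY` listing yields BLOCKED once br-nf is on, which is the situation the answer diagnoses; adding the accept for br0 (`SAMPLE_FIXED`) or switching the sysctl off changes the verdict.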