LXC container can only access host via bridge
Posted
by
vitaut
on Server Fault
See other posts from Server Fault
or by vitaut
Published on 2013-10-25T17:38:24Z
Indexed on
2013/10/26
15:56 UTC
Read the original article
Hit count: 344
I have an LXC container with i686 Ubuntu 12.04 running on a x86_64 Ubuntu 12.04 host. I've set up a bridge using instructions here. However the ping from the container only goes through to the host and not to other machines on the local network. Similarly only the host and not the other machines see the container OS.
The host's /etc/network/interfaces file looks as follows:
auto lo
iface lo inet loopback
iface eth0 inet manual
auto br0
iface br0 inet dhcp
bridge_ports eth0
bridge_fd 0
bridge_maxwait 0
The container's /etc/network/interfaces file looks as follows:
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
And here's the relevant part of the container's config:
lxc.network.type=veth
lxc.network.link=br0
lxc.network.flags=up
Any ideas what I'm doing wrong?
Additional info:
The output of iptables-save on host:
$ sudo iptables-save
# Generated by iptables-save v1.4.12 on Sat Oct 26 06:06:48 2013
*filter
:INPUT ACCEPT [6854:721708]
:FORWARD ACCEPT [4067:538895]
:OUTPUT ACCEPT [4967:522405]
COMMIT
# Completed on Sat Oct 26 06:06:48 2013
# Generated by iptables-save v1.4.12 on Sat Oct 26 06:06:48 2013
*nat
:PREROUTING ACCEPT [82235:21547307]
:INPUT ACCEPT [16:1070]
:OUTPUT ACCEPT [9386:583359]
:POSTROUTING ACCEPT [14693:1291952]
-A POSTROUTING -s 10.0.3.0/24 ! -d 10.0.3.0/24 -j MASQUERADE
COMMIT
# Completed on Sat Oct 26 06:06:48 2013
The output of brctl show on host:
$ brctl show
bridge name bridge id STP enabled interfaces
br0 8000.080027409684 no eth0
vethBkwWyV
The output of ifconfig br0 on host:
$ ifconfig br0
br0 Link encap:Ethernet HWaddr 08:00:27:40:96:84
inet addr:192.168.1.11 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe40:9684/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:232863 errors:0 dropped:0 overruns:0 frame:0
TX packets:59518 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:34437354 (34.4 MB) TX bytes:198492871 (198.4 MB)
The output of ifconfig eth0 on host:
$ ifconfig eth0
eth0 Link encap:Ethernet HWaddr 08:00:27:40:96:84
inet6 addr: fe80::a00:27ff:fe40:9684/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:299419 errors:0 dropped:0 overruns:0 frame:0
TX packets:203569 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:59077446 (59.0 MB) TX bytes:372056540 (372.0 MB)
The output of ifconfig eth0 on container:
$ ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:16:3e:74:08:2b
inet addr:192.168.1.12 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::216:3eff:fe74:82b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:81 errors:0 dropped:0 overruns:0 frame:0
TX packets:113 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:8506 (8.5 KB) TX bytes:9021 (9.0 KB)
© Server Fault or respective owner
