ps thanks
http://noyaudolive.net/2012/05/09/lxc-and-macvlan-host-to-guest-connection/
________________________________
From: Bretton Woods <woods.bret...@yahoo.co.uk>
To: "m...@wittsend.com" <m...@wittsend.com>
Cc: "lxc-users@lists.sourceforge.net" <lxc-users@lists.sourceforge.net>
Sent: Sunday, 4 August 2013, 0:04
Subject: Re: [Lxc-users] local subnet
Apols, my usual norm is tangental but seems I have gone worse... :)
I have been thinking of LXC in terms of server services where the case is often
that servers and clients are on the same subnet.
Kerberos and authentication, Cups and various others not exactly true but
simple same subnet routing.
I guess the bridge and another subnet was chosen purely to stop clashes with
the physical host subnet.
My mind was mulling over the idea of a samba4, proxy, email... lxc containers
all running isolated but authenticating via kerb and samba4.
That way I could use a single server and as the system grows its quite simple
to hop from container to dedicated server.
________________________________
From: Michael H. Warfield <m...@wittsend.com>
To: Bretton Woods <woods.bret...@yahoo.co.uk>
Cc: m...@wittsend.com; "lxc-users@lists.sourceforge.net"
<lxc-users@lists.sourceforge.net>
Sent: Saturday, 3 August 2013, 23:04
Subject: Re: [Lxc-users] local subnet
On Sat, 2013-08-03 at 22:23 +0100, Bretton Woods wrote:
> the answer is probably yes.
>
>
> is it possible to create a container without a network bridge that is
>
on the same subnet as the host?
I believe that is what "macvlan" was suppose to be for but I never had a
good experience with it (ongoing host to container issue that may or may
not have been resolved in the kernel - I gave up long ago). I generally
used bridged, one way or another.
>
> In fact why do we always create a bridge and another subnet?
I don't understand this question. You have two parts which are
orthogonal.
Quite literally, the only differences between "bridged mode", "nat
mode", and "routed mode" is whether the host interface is a member of
the bridge and your router/nat configurations.
If the host interface is a member of the common bridge, you are in a
fully bridged mode and you don't need another subnet and your guests are
part of the hosts subnet.
If it's not, you're generally (default) assigning a private address to
the bridge and using NAT (nat
mode) or (very rare) assigning a global
unicast IPv4 block to the bridge and using true routing for "routed
mode" with static routes on your host.
The key to all three modes is that bridge, which acts as an internal
etherswitch on the host (some literature even refers to it as a virtual
lan). So the "and another subnet" actually only applies to two of those
three modes (and routed mode is so rare, I'm tempted to say it doesn't
really count).
also, If you really REALLY want to get bitching complex, you can use a
hybrid mode with IPv4 and IPv6 where IPv4 is routed / nated and IPv6 is
bridged directly. Then your IPv4 networking is on separate subnets but
your IPv6 routing is on a flat SLA (IPv6 subnet) and managed by the
common router and it's RA's (router advertisements). That requires
creative use of the mac level firewalling (ebtables) and is not
recommended unless you're a real
masochistic experimenter like I am.
> bretton
>
>
> Just one of those thoughts :)
>
Interesting thoughts but you have other options. What you are referring
to is merely the default.
Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________
Lxc-users mailing list
Lxc-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-users
