On Tue, Oct 19, 2010 at 3:58 PM, Serge E. Hallyn
<serge.hal...@canonical.com> wrote:
> Quoting Nirmal Guhan (vavat...@gmail.com):
>> On Tue, Oct 19, 2010 at 3:03 PM, Serge E. Hallyn
>> <serge.hal...@canonical.com> wrote:
>> > Quoting Serge E. Hallyn (serge.hal...@canonical.com):
>> >> Quoting Nirmal Guhan (vavat...@gmail.com):
>> >> > Hi,
>> >> >
>> >> > I have a requirement to create two virtual interfaces (eth0, eth1) in
>> >> > a linux container and separate traffic between the two based on ip
>> >> > route. Basically eth0 (or eth1) should be used for external world and
>> >> > eth1 for communication terminating at host. How do I go about doing
>> >> > this?
>> >> >
>> >> > I created two interfaces in the config and can see both of them in the
>> >> > container.
>> >> >
>> >> > lxc.network.type = veth
>> >> > lxc.network.link = br0
>> >> > lxc.network.ipv4 = 128.107.159.183/22
>> >> > lxc.network.name = eth0
>> >> > lxc.network.flags = up
>> >> > lxc.network.mtu = 1500
>> >> > lxc.network.type = veth
>> >> > lxc.network.link = br0
>> >>
>> >> If you want eth1 to be connected internally only, then shouldn't
>> >> you create a bridge br1, and use that here?  Don't connect br1
>> >> to the physical nic, and you'll have your host-only bridge.
>>
>> Ok. This is what I did.
>> #brctl addbr br1
>>
>> Modified above config to lxc.network.link=br1 for eth1 and removed
>> eth0 so there is only one i/f. Since br1 is not attached to nic, how
>> do I now test host<->guest communication. Obviously I can't reach eth0
>> ip from lxc.
>
> Easiest and most telling wrt whether your setup will work, would be
> to create a second container the same way, and try to ping or
> nc to each other.
>
> -serge
>
Thanks. Pinging between containers works. Going back to my original
query, I need a tap interface as well in the bridge so it is actually
tap<->bridge<->veth on container. So I created a tap 'gtap' interface
in the host and added it to br1. Assigned IP to gtap and tried to ping
from the container but that does not work. Here is some add'l info:

26: gtap: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast state UNKNOWN qlen 500
    link/ether fa:ad:bb:c0:d4:4c brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.15/24 brd 192.168.1.255 scope global gtap
    inet6 fe80::f8ad:bbff:fec0:d44c/64 scope link
       valid_lft forever preferred_lft forever
27: br1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
    link/ether 92:e1:7e:95:4d:bc brd ff:ff:ff:ff:ff:ff
    inet6 fe80::f8ad:bbff:fec0:d44c/64 scope link
       valid_lft forever preferred_lft forever

[128:~]$ brctl show
bridge name     bridge id               STP enabled     interfaces
br1             8000.92e17e954dbc       no              gtap
                                                        veths4EgPK

$ ip route show
192.168.1.0/24 dev gtap  proto kernel  scope link  src 192.168.1.15
$sbin/arp
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.1.10                     (incomplete)                              gtap

From container:
$ip route show
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.10
$ /sbin/arp
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.1.15                     (incomplete)                              eth1

Do I assign IP address to br1 instead of gtap?

Thanks,
Nirmal

_______________________________________________
Lxc-users mailing list
Lxc-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-users
