Dear friends I got stuck in the simplest part. First I tried libvirt and using the default network, whic works fine in virtual machines I created a Libvir-LSC container, and I can ping the host, DHCP works,etc., but no forwarding to the network. A pure LXC container with this network, failed.
lxc.network.type = veth lxc.network.flags = up lxc.network.link = virbr0 lxc.network.ipv4 = 0.0.0.0/24 Then I removed that network, undefined it, and created an empty bridge, br0, and set up a simple iptables script. Note, I am not using any firewall for my box, only for natting. #!/bin/sh iptables -F iptables -t nat -F iptables --table nat -o eth1 --append POSTROUTING -s 192.168.122.0/24 -j MASQUERADE iptables -A FORWARD -i br0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables-save the container can ping the default gateway at 192.168.122.1, but again, no forwarding done. My kernel hast these configuration sysctl -A | grep bridge net.bridge.bridge-nf-call-arptables = 0 net.bridge.bridge-nf-call-ip6tables = 0 net.bridge.bridge-nf-call-iptables = 0 net.bridge.bridge-nf-filter-pppoe-tagged = 0 net.bridge.bridge-nf-filter-vlan-tagged = 0 net.bridge.bridge-nf-pass-vlan-input-dev = 0 sysctl -A | grep forward net.ipv4.conf.all.forwarding = 1 net.ipv4.conf.all.mc_forwarding = 0 net.ipv4.conf.br0.forwarding = 1 net.ipv4.conf.br0.mc_forwarding = 0 net.ipv4.conf.default.forwarding = 1 net.ipv4.conf.default.mc_forwarding = 0 net.ipv4.conf.eth0.forwarding = 1 net.ipv4.conf.eth0.mc_forwarding = 0 net.ipv4.conf.eth1.forwarding = 1 net.ipv4.conf.eth1.mc_forwarding = 0 net.ipv4.conf.lo.forwarding = 1 net.ipv4.conf.lo.mc_forwarding = 0 net.ipv4.conf.virbr0.forwarding = 1 net.ipv4.conf.virbr0.mc_forwarding = 0 net.ipv4.conf.virbr0-nic.forwarding = 1 net.ipv4.conf.virbr0-nic.mc_forwarding = 0 net.ipv4.ip_forward = 1 net.ipv4.ip_forward_use_pmtu = 0 Can anybody point to what is happening? Note: if in the pure LXC configuration, it works fine if I use lxc.network.type=macvlan lxc.network.macvlan.mode=bridge lxc.network.link=eth1 lxc.network.flags=up Yours Philip _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
