On Sat, 2014-05-03 at 11:52 -0400, CDR wrote:
> Dear friends
> I got stuck in the simplest part.
> First I tried libvirt and using the default network, which works fine
> in virtual machines
> I created a Libvirt-LXC container, and I can ping the host, DHCP
> works, etc., but no forwarding to the network.
> A pure LXC container with this network, failed.
>
> lxc.network.type = veth
> lxc.network.flags = up
> lxc.network.link = virbr0
> lxc.network.ipv4 = 0.0.0.0/24
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Huh? What?!?! That can't be right. 0/8 is reserved. So 0.0.0.0/24 is part of a reserved network. You can't use it. What was the network on the bridge and why weren't you using that?

> Then I removed that network, undefined it, and created an empty
> bridge, br0, and set up a simple iptables script. Note, I am not using
> any firewall for my box, only for natting.
>
> #!/bin/sh
> iptables -F
> iptables -t nat -F
>
> iptables --table nat -o eth1 --append POSTROUTING -s 192.168.122.0/24 -j MASQUERADE
> iptables -A FORWARD -i br0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
> iptables-save
>
> the container can ping the default gateway at 192.168.122.1, but
> again, no forwarding done.
>
> My kernel has this configuration
>
>
> sysctl -A | grep bridge
>
> net.bridge.bridge-nf-call-arptables = 0
> net.bridge.bridge-nf-call-ip6tables = 0
> net.bridge.bridge-nf-call-iptables = 0
> net.bridge.bridge-nf-filter-pppoe-tagged = 0
> net.bridge.bridge-nf-filter-vlan-tagged = 0
> net.bridge.bridge-nf-pass-vlan-input-dev = 0
>
> sysctl -A | grep forward
> net.ipv4.conf.all.forwarding = 1
> net.ipv4.conf.all.mc_forwarding = 0
> net.ipv4.conf.br0.forwarding = 1
> net.ipv4.conf.br0.mc_forwarding = 0
> net.ipv4.conf.default.forwarding = 1
> net.ipv4.conf.default.mc_forwarding = 0
> net.ipv4.conf.eth0.forwarding = 1
> net.ipv4.conf.eth0.mc_forwarding = 0
> net.ipv4.conf.eth1.forwarding = 1
> net.ipv4.conf.eth1.mc_forwarding = 0
> net.ipv4.conf.lo.forwarding = 1
> net.ipv4.conf.lo.mc_forwarding = 0
> net.ipv4.conf.virbr0.forwarding = 1
> net.ipv4.conf.virbr0.mc_forwarding = 0
> net.ipv4.conf.virbr0-nic.forwarding = 1
> net.ipv4.conf.virbr0-nic.mc_forwarding = 0
> net.ipv4.ip_forward = 1
> net.ipv4.ip_forward_use_pmtu = 0
>
>
> Can anybody point to what is happening?
>
> Note: if in the pure LXC configuration, it works fine if I use
> lxc.network.type=macvlan
> lxc.network.macvlan.mode=bridge
> lxc.network.link=eth1
> lxc.network.flags=up
>
>
> Yours
> Philip
> _______________________________________________
> lxc-users mailing list
> [email protected]
> http://lists.linuxcontainers.org/listinfo/lxc-users

--
Michael H. Warfield (AI4NB) | (770) 978-7061 | [email protected]
   /\/\|=mhw=|\/\/          | (678) 463-0932 | http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
   PGP Key: 0x674627FF      | possible worlds. A pessimist is sure of it!
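The check the reply describes can be run against a container config before starting it. The following is an added example, not part of the original thread: a small linter that flags an `lxc.network.ipv4` value inside the reserved 0.0.0.0/8 block or outside the bridge's subnet. The function names are hypothetical, and 192.168.122.0/24 is assumed to be the bridge subnet because it is the source range in the quoted iptables script.

```python
import ipaddress

# Constructed sample: the veth stanza quoted in the message above.
SAMPLE_CONFIG = """\
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = virbr0
lxc.network.ipv4 = 0.0.0.0/24
"""

# 0.0.0.0/8 is the reserved block the reply refers to as "0/8".
THIS_NETWORK = ipaddress.ip_network("0.0.0.0/8")


def parse_lxc_config(text):
    """Return (key, value) pairs from 'key = value' lines, skipping comments."""
    pairs = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        pairs.append((key.strip(), value.strip()))
    return pairs


def check_ipv4(config_text, bridge_subnet):
    """Return one finding per problematic lxc.network.ipv4 entry."""
    subnet = ipaddress.ip_network(bridge_subnet)
    findings = []
    for key, value in parse_lxc_config(config_text):
        if key != "lxc.network.ipv4":
            continue
        # The value may carry a broadcast address after the CIDR; check the CIDR.
        addr = value.split()[0] if value else ""
        try:
            iface = ipaddress.IPv4Interface(addr)
        except ValueError:
            findings.append(f"{value}: not a valid IPv4 address/prefix")
            continue
        if iface.ip in THIS_NETWORK:
            findings.append(f"{addr}: inside reserved 0.0.0.0/8")
        elif iface.ip not in subnet:
            findings.append(f"{addr}: outside bridge subnet {subnet}")
        elif iface.ip in (subnet.network_address, subnet.broadcast_address):
            findings.append(f"{addr}: network or broadcast address of {subnet}")
    return findings


if __name__ == "__main__":
    for finding in check_ipv4(SAMPLE_CONFIG, "192.168.122.0/24"):
        print(finding)
```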
