Quoting Marc MAURICE ([email protected]): > Hi, > thanks a lot for your answers. > >well ... nothing outside the server should even know about the > >container's MAC address. Because if the network setup is the same as > >mine, then the provider's router would route all traffic for the > >container thru main server's IP. In other words, the provider's router > >will ask for the server's IP, not the container's IP. > > > >Can you give real IP addresses? The easiest way to check, is that if > >your server's main IP and additional IP are on DIFFERENT subnets (e.g. > >111.94.248.114/24 and 65.55.58.201/32), then it's routed setup. If > >it's on the SAME subnet, then you can't copy my setup, because the > >network config is different. > My IP addresses are clearly on 2 differents subnets. > The hardware host has a dedicated IP on a public /24 subnet : > 62.210.82.XX/24 > > And the additionnal IP for the container : > 212.129.10.XX/32 > > But I think you're right : this is different. The provider's router > is not routing directly with the hardware host IP. > > > >>How do I tell my host to respond to those arp queries ? > > > > > >Assuming that your setup is DIFFERENT from mine (that is, your server > >AND container IP are on the same subnet), you could probably try > >something like this. Note that you should make SURE you have console > >access (e.g. KVM, ILO) to your server incase something goes wrong > >before trying this. > > > >Asssuming: > >- the provider's router IP is 192.168.124.1/24 > >- your server is connected to provider's router thru eth0, with ip > >address 192.168.124.179/24, MAC 00:16:3e:46:76:9e > >- your server is connected to the container thru br0 bridge > >- the container's IP is 192.168.124.180 > > > >On the server: > >- remove IP address on the bridge: ifconfig br0 0.0.0.0 up > >- add container's IP information in arp table: arp -i eth0 -s > >192.168.124.180 00:16:3e:46:76:9e pub > >- add route to the container via the bridge: ip route add > >192.168.124.180 dev br0 > > > >On the container: pretty much the same as the previous setup. Except > >now use the server's eth0 ip address as the gateway > >- ifconfig eth0 192.168.124.180/32 up > >- ip route add 192.168.124.179 dev eth0 > >- ip route add default via 192.168.124.179 > > > > > >If that works, then you can setup the appropriate config file (e.g > >/etc/network/interfaces) so the process would start automatically. > > > Yes ! > The arp publishing command is the key ! It's working now ! > I will take some time to clean up my config and give it back here. > > However I think it would be nice to have it done automatically by > LXC start scripts.
Because host networking is very distro-dependent, we cannot do a lot of things in upstream lxc. However we're starting to ship things under config/, so if we can figure out how to do this for the most common distros, that'd be nice. If you blog a concise explanation/tutorial of the minimal steps you needed to do, we can try to figure out where the pieces need to go. _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
