Thanks for the great explanation.! Anjali On 8/14/14 5:41 AM, "Jäkel, Guido" <[email protected]> wrote:
>Dear Anjali, > >you'll know that a bridge acts at network layer 2, i.e. dealing just with >the MACs. > >In the typical usecase you want to bridge the hosts outside network to >the containers. To archive this, you attach the hostside of the >containers virtual NICs (which you can imagine as a "short wire" between >the namespaces) to the bridge and also the hosts real NIC. While >attaching to the bridge, the NICs are switches to "promiscuous mode", >i.e. they don't care of matching IP addresses at layer 3 and accept any >packet. > >But now, how to connect the host with the outerworld, where to place the >hosts layer 3 config? That's why you put this parameter set to the Linux >software bridge: To act as an outgoing device of the hosts "IP stack". > >If you leave this empty, the bridge is isolated from the host. If you >don't attach a physical NIC to the bridge, it's isolated from the outer >world. > >From that Serge suggested to instanciate a bridge, attach the parties to >it (layer 2) and choose some adequate layer3 network configuration to >route IP traffic between them. > > >BTW: If you're dealing with VLANs, you may "first" attach vlan devices to >your physical NIC on a trunk and "then" attach a couple of bridges to >this vlan devices. This will allow you to host isolated sets of >containers in different VLAN's, e.g. for staging purposes. > >Guido > >>-----Original Message----- >>From: lxc-users [mailto:[email protected]] On >>Behalf Of Anjali Kulkarni >>Sent: Wednesday, August 13, 2014 7:40 PM >>To: LXC users mailing-list >>Subject: Re: [lxc-users] Cannot create a macvlan private bridge on lx >> >>Yes, but does this not go through the host? That is, the host's >>eth0(management) has to be in this bridge? I want to be able to create >>multiple such bridges, so I cannot add the eth0 of host to every such >>bridge.. >>This works already, I want a "private" bridge between VM and container, >>which does not go through the host. >> >>Anjali >_______________________________________________ >lxc-users mailing list >[email protected] >http://lists.linuxcontainers.org/listinfo/lxc-users _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
