I found the solution... I just needed to add static routes that set the /27 as the "next hop" _instead of_ going through the gateway. The gateway doesn't seem to want to route traffic between VMs on my box. Can't say I blame it; that's unnecessary load on the hosting provider's equipment. Instead, I'm simply taking advantage of the layer 2 bridge that brings my host and all the guests and VMs together, by telling the routing table that it's OK to directly hit that IP as the next hop.
Appreciate the help. It got me looking for the right things and eventually found the answer. Sean On Thu, Oct 8, 2015 at 3:27 AM, Fajar A. Nugraha <[email protected]> wrote: > On Thu, Oct 8, 2015 at 4:47 AM, Sean McNamara <[email protected]> wrote: >> Here's an example from LXD config, where the following placeholders >> are used to mask my specific information: >> > >> "1.2.3.4" >> "5.6.7.255" >> "DEFAULT_GATEWAY"> >> "de:ad:be:ef" >> "MAIN" > > all those obfuscation makes my head hurt. > >> raw.lxc: "lxc.network.ipv4=1.2.3.4/32 >> 5.6.7.255\nlxc.network.ipv4.gateway=DEFAULT_GATEWAY\nlxc.network.hwaddr=de:ad:be:ef\nlxc.network.flags=up >> \ \nlxc.network.mtu=1500\n" > > /32 should not have a broadcast address. Doesn't matter if the > original /27 has a broadcast address, once you use /32, then the > original broadcast address doesn't apply anymore as everything has to > go thru the gateway. > > On a normal lxc (not lxd), I simply use this > > lxc.network.ipv4 = 50.30.36.58/32 > lxc.network.ipv4.gateway = 10.0.0.1 > > and the result from inside the container: > # ip ad li eth0 > 96: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast > state UP qlen 1000 > link/ether 00:16:3e:c7:b9:d6 brd ff:ff:ff:ff:ff:ff > inet 50.30.36.58/32 brd 255.255.255.255 scope global eth0 > valid_lft forever preferred_lft forever > > # ip route > default via 10.0.0.1 dev eth0 > 10.0.0.1 dev eth0 scope link > > I'm guessing your broadcast setting caused the problem. Try removing > it on two containers first, and see if they can ping each other. A > "traceroute" between the two containers should also show that traffic > goes THRU the gateway instead of directly to the other container's IP. > > -- > Fajar > _______________________________________________ > lxc-users mailing list > [email protected] > http://lists.linuxcontainers.org/listinfo/lxc-users _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
