Greetings, Akshay Karle! > I've been looking at ways to isolate the network of each unprivileged > container that I create. I was thinking of putting each container in it's > own vlan or creating a macvlan in private mode. I haven't had success with > either. I also tried creating bridges for every container and attaching veth > pairs of the container to them, and after doing this I was still able to > ping the other containers from inside a container.
It would help to know, what level of isolation you're thinking about? What is the final end goal? > I did go through some old threads that mentioned that macvlans and vlans > are not available for unprivileged containers. Is this still the case? Most likely so. > If so, has anyone had success with network isolation for each container? Can > you please share ways to achieve this? -- With best regards, Andrey Repin Monday, October 19, 2015 23:35:24 Sorry for my terrible english... _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
