Thank you Fajar. I misunderstand many concepts. Your response here is the best documentation I've found on exactly what is happening behind the scenes when using 'lxc network create'. I still don't understand why entries are needed & created in iptables as a result of running that command, but that's a discussion for another day.
You also recommend I not "rely on lxc config file [for a static IP], but rather set it up directly in the container OS." I did it both places. I'm not sure which is overriding which. -Mike Fajar A. Nugraha wrote: > On Sat, Jun 10, 2017 at 12:38 PM, Michael Johnson > <john...@cognitech-ut.com <mailto:john...@cognitech-ut.com>> wrote: > > Thanks for all the suggestions. I seem to have magically fixed it. When > I changed the parent from lxdbr0 to br0 it now works. Lxdbr0 was a > 'network' I created with 'lxc network create' and br0 was the host > bridge I configured by hand. This probably makes sense to someone who > understands how lxd works. There seems to be a conflict between static > ip addresses and the way 'lxc network create' defines a bridge. Possibly > I missed a config option for routing that is necessary when static ip is > combined with 'lxc network create'. > > > > You seem misunderstood some concept: > > (1) lxc network create > - basically creates a bridge, managed by lxd, optionally with its own > DHCP server (dnsmasq). > - it is a SEPARATE network from your host's network (e.g. eth0) > - you CAN assign "static ip" on this bridge. Or to be more accurate, > configure the dhcp server to always assign a specific IP for that container > > (2) host bridge (should be br0 in your example) > - on the same L2 network with your host interface > - use whatever DHCP server available on the network (if available). You > should NOT create your own dhcp server on this bridge > > (3) container's interface config > - there are some ways to setup an container's IP address > - a container can, most of the times, overide IP address assignment on > lxc config > - the best setup, IMHO, is to either: > --> have container using dhcp, and setup the DHCP server (which include > lxd's dnsmasq) to assign persistent ip address. This is the example > listed on > https://stgraber.org/2016/10/27/network-management-with-lxd-2-3/ . OR > --> configure the container OS (e.g. on /etc/network/interfaces, or > equivalent distro location) to use static IP > > > Did not work: > > devices: > default: > ipv4.address: 192.168.0.36/24 <http://192.168.0.36/24> > name: eth0 > nictype: bridged > parent: lxdbr0 > type: nic > > > Which is the correct behavior. Since lxdbr0 is on separate network from > your host's eth0 > > > > Did work: > > devices: > default: > ipv4.address: 192.168.0.36/24 <http://192.168.0.36/24> > name: eth0 > nictype: bridged > parent: br0 > type: nic > > > This is probably where you don't setup any IP configuration on the > container side, so it continue to use whatever address assigned by lxd > when the container started. For this type of setup though, I recommend > to NOT rely on lxc config file, but rather set it up directly in the > container OS. > > -- > Fajar > > > _______________________________________________ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users > _______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
