On Wed, 2011-02-02 at 12:07 -0800, Dean Mao wrote: > Yeah, it's quite easy to do this. Here's my lxc network config from > one of my machines: > > > lxc.network.type = veth > lxc.network.flags = up > lxc.network.link = br1 > lxc.network.ipv4 = 192.168.0.4/24 > > > My outside network is eth0/br0, and my inside network is just br1. I > add these rules to forward br0 to br1: > > > iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE > iptables -A FORWARD -i br0 -o br1 -m state --state RELATED,ESTABLISHED > -j ACCEPT > iptables -A FORWARD -i br1 -o br0 -j ACCEPT > > > The br1 bridge connects all the lxc containers together on the same > host, eth0/br0 offers a connection to the outside world should one of > the containers require it.
Doesn't this require br1 and the containers to be on the same network? Is works for me as long as the internal interface bridge and the containers share the same network, but I would like to have something like this: eth0 -> external network eth1 -> 10.0.0.0/16 network containers -> 192.168.0.0/16 network Thank, Andre ------------------------------------------------------------------------------ Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
