Hello, Disclaimer: this question may seem simple to all virtualization wizards, although I have read _many_ LXC (and other virtualization technologies) tutorials, none of them provide a description of the technical setting required.
Context: I rent a dedicated server from OVH, which is provided with 3 IP addresses: PUB1, PUB2 and PUB3. PUB1 is associated with a subnet and a gateway, but PUB2 and PUB3 are provided without such information. I was just informed that these 2 IP are routed to PUB1, without the need to setup additional network configuration, except of course for the IP aliases (eth0:0 and eth0:1). These 2 additional IP adresses have no associated gateway or netmask (unless /32)... Problem: 2 LXC guests (LXC_PUB2 and LXC_PUB3) can connect to the internet if I assign them PUB2 and PUB3 and create a bridge on eth0, which is using PUB1 for the host. When I try to access the SSH server hosted on LXC_PUB2 or LXC_PUB3 from another computer, I see the authentication prompt of the host, not of the guests. It is not possible to access the guests from the outside. It is not possible to access the guests from the host (other than using lxc-console). Requirement: The host (Linux / Debian Squeeze) will host many LXC guests. Some of them will have dedicated public IP addresses (from various subnets), other will be "private" guests using private (non routable) IP adresses, for development and UAT. All packets sent from the internet to PUB1 should be directed to ports opened on the host. All packets sent from the internet to PUB2 should be directed to LXC_PUB2. All packets sent from the internet to PUB3 should be directed to LXC_PUB3. LXC_PUB2 and LXC_PUB3 should be able to communicate between each other. LXC_PUB2 and LXC_PUB3 should be able to communicate with the other local guests using non routable IP addresses. The host should be able to communicate with both "public" and "private" guests. Question: My question is: which network setup would be appropriate? Bridge only seems limited as guests cannot be seen from the outside. I recon I am quite lost between the bridge configuration, TUN/TAP and the fact that I have no gateway+netmask for PUB2 and PUB3, and that I therefore cannot input valid information into the config file of the LXC (and inside the guest, the network configuration is incorrect as well). Iptables + NATing will be required for guests using private IPs, will this be necessary for LXC_PUB2 and LXC_PUB3 as well? Many online tutorial use DHCP and/or private IP addresses for guests. I need a mix of private and public IP adresses... with public IP on different subnets... Any pointer would be very appreciated (although as I have mentioned I must have read dozens of blogs, articles, posts from this mailing-list without finding an appropriate solution). Best regards, David ------------------------------------------------------------------------------ What Every C/C++ and Fortran developer Should Know! Read this article and learn how Intel has extended the reach of its next-generation tools to help Windows* and Linux* C/C++ and Fortran developers boost performance applications - including clusters. http://p.sf.net/sfu/intel-dev2devmay _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users