On Wed, Nov 30, 2011 at 12:16 AM, C Anthony Risinger <anth...@xtfx.me> wrote:
> i'm not a networking guru, but i've inlined a few comments. i also > don't use debian/ubuntu so i'm unsure the correct way to solve them > > ... my guess is you > don't really want to enslave any physical devices to the bridge (br0). > simply allow the bridge to act as a virtual "switch" and let routing > do the rest :-) beh, i got a little long-winded and forgot the best part! if this guess is correct (you want your 4 existing networks/cards to remain as is, and add LXC guests to the mix), try removing: bridge_ports eth1 ... from the `br0` config -- this alone might be enough to fix -- you may still need to: ip link set br0 up ... to force the bridge to an UP state. `ifup br0` probably works too. but honestly, if you remove `bridge_ports`, i think everything might Just Work. -- C Anthony ____________________________________________________________________________ First off, thanks for all the help thus far. I was unaware that you could create a bridge without attaching it to a physical interface - this is exactly what I'd like to do. I removed the "bridge_ports" line from /etc/network/interfaces and rebooted. br0 does not come up automatically, as I'd like it to, but after using brctl to add br0, and then ifconfig to bring it to an "up" state, I get much more promising results in each of the commands you listed: ____ip route____: default via 174.102.192.1 dev eth4 metric 100 169.254.0.0/16 dev eth4 scope link metric 1000 174.102.192.0/19 dev eth4 proto kernel scope link src 174.102.217.33 192.168.10.0/24 dev eth0 proto kernel scope link src 192.168.10.1 192.168.20.0/24 dev eth1 proto kernel scope link src 192.168.20.1 192.168.30.0/24 dev eth2 proto kernel scope link src 192.168.30.1 192.168.40.0/24 dev eth3 proto kernel scope link src 192.168.40.1 192.168.80.0/24 dev br0 proto kernel scope link src 192.168.80.1 ___route n___: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 174.102.192.1 0.0.0.0 UG 100 0 0 eth4 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth4 174.102.192.0 0.0.0.0 255.255.224.0 U 0 0 0 eth4 192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.30.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2 192.168.40.0 0.0.0.0 255.255.255.0 U 0 0 0 eth3 192.168.80.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 ___ip link___: 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:04:23:09:6a:14 brd ff:ff:ff:ff:ff:ff 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:04:23:09:6a:15 brd ff:ff:ff:ff:ff:ff 4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:04:23:09:6a:16 brd ff:ff:ff:ff:ff:ff 5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:04:23:09:6a:17 brd ff:ff:ff:ff:ff:ff 6: eth4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 576 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0f:1f:fa:51:33 brd ff:ff:ff:ff:ff:ff 7: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000 link/ether 00:13:f7:3b:2c:7c brd ff:ff:ff:ff:ff:ff 10: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP link/ether 92:44:1c:32:07:06 brd ff:ff:ff:ff:ff:ff 12: vethTu1nnI: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP qlen 1000 link/ether 92:44:1c:32:07:06 brd ff:ff:ff:ff:ff:ff ___ip addr___: 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:04:23:09:6a:14 brd ff:ff:ff:ff:ff:ff inet 192.168.10.1/24 brd 192.168.10.255 scope global eth0 inet6 fe80::204:23ff:fe09:6a14/64 scope link valid_lft forever preferred_lft forever 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:04:23:09:6a:15 brd ff:ff:ff:ff:ff:ff inet 192.168.20.1/24 brd 192.168.20.255 scope global eth1 inet6 fe80::204:23ff:fe09:6a15/64 scope link valid_lft forever preferred_lft forever 4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:04:23:09:6a:16 brd ff:ff:ff:ff:ff:ff inet 192.168.30.1/24 brd 192.168.30.255 scope global eth2 inet6 fe80::204:23ff:fe09:6a16/64 scope link valid_lft forever preferred_lft forever 5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:04:23:09:6a:17 brd ff:ff:ff:ff:ff:ff inet 192.168.40.1/24 brd 192.168.40.255 scope global eth3 inet6 fe80::204:23ff:fe09:6a17/64 scope link valid_lft forever preferred_lft forever 6: eth4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 576 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0f:1f:fa:51:33 brd ff:ff:ff:ff:ff:ff inet 174.102.217.33/19 brd 255.255.255.255 scope global eth4 7: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000 link/ether 00:13:f7:3b:2c:7c brd ff:ff:ff:ff:ff:ff 10: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP link/ether 92:44:1c:32:07:06 brd ff:ff:ff:ff:ff:ff inet 192.168.80.1/24 brd 192.168.80.255 scope global br0 inet6 fe80::9044:1cff:fe32:706/64 scope link valid_lft forever preferred_lft forever 12: vethTu1nnI: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP qlen 1000 link/ether 92:44:1c:32:07:06 brd ff:ff:ff:ff:ff:ff inet6 fe80::9044:1cff:fe32:706/64 scope link valid_lft forever preferred_lft forever However, I'm still unable to access the internet from within my container. I can ping the container (192.168.80.2) from the host machine, and the host machine from the container. But, from the container, I can only reach the host machine at 192.168.80.1, which is odd, as anywhere else on the network (any of the subnets), I can access the main machine at 192.168.X0.1 (where X is 1, 2, 3, 4 _OR EVEN_ 8 --- which is the bridge subnet). Again, thanks for the help. Any other mailing list etiquette is appreciated as well (I'm more of a forum guy, but no forums seem too well versed in containers, which left me here. I know this is more a networking issue at this point, but everyone that replies to this list seems reasonably knowledgeable all around, not stricly LXC stuff). Pat ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-novd2d _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users