On Wed, Nov 30, 2011 at 12:16 AM, C Anthony Risinger <anth...@xtfx.me> wrote:
> i'm not a networking guru, but i've inlined a few comments. i also
> don't use debian/ubuntu so i'm unsure the correct way to solve them
>
> ... my guess is you
> don't really want to enslave any physical devices to the bridge (br0).
> simply allow the bridge to act as a virtual "switch" and let routing
> do the rest :-)
beh, i got a little long-winded and forgot the best part! if this
guess is correct (you want your 4 existing networks/cards to remain as
is, and add LXC guests to the mix), try removing:
bridge_ports eth1
... from the `br0` config -- this alone might be enough to fix -- you
may still need to:
ip link set br0 up
... to force the bridge to an UP state. `ifup br0` probably works
too. but honestly, if you remove `bridge_ports`, i think everything
might Just Work.
--
C Anthony
____________________________________________________________________________
First off, thanks for all the help thus far. I was unaware that you could
create a bridge without attaching it to a physical interface - this is exactly
what I'd like to do. I removed the "bridge_ports" line from
/etc/network/interfaces and rebooted.
br0 does not come up automatically, as I'd like it to, but after using brctl to
add br0, and then ifconfig to bring it to an "up" state, I get much more
promising results in each of the commands you listed:
____ip route____:
default via 174.102.192.1 dev eth4 metric 100
169.254.0.0/16 dev eth4 scope link metric 1000
174.102.192.0/19 dev eth4 proto kernel scope link src 174.102.217.33
192.168.10.0/24 dev eth0 proto kernel scope link src 192.168.10.1
192.168.20.0/24 dev eth1 proto kernel scope link src 192.168.20.1
192.168.30.0/24 dev eth2 proto kernel scope link src 192.168.30.1
192.168.40.0/24 dev eth3 proto kernel scope link src 192.168.40.1
192.168.80.0/24 dev br0 proto kernel scope link src 192.168.80.1
___route n___:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 174.102.192.1 0.0.0.0 UG 100 0 0 eth4
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth4
174.102.192.0 0.0.0.0 255.255.224.0 U 0 0 0 eth4
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.30.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
192.168.40.0 0.0.0.0 255.255.255.0 U 0 0 0 eth3
192.168.80.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
___ip link___:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
qlen 1000
link/ether 00:04:23:09:6a:14 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
qlen 1000
link/ether 00:04:23:09:6a:15 brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
qlen 1000
link/ether 00:04:23:09:6a:16 brd ff:ff:ff:ff:ff:ff
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
qlen 1000
link/ether 00:04:23:09:6a:17 brd ff:ff:ff:ff:ff:ff
6: eth4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 576 qdisc pfifo_fast state UP
qlen 1000
link/ether 00:0f:1f:fa:51:33 brd ff:ff:ff:ff:ff:ff
7: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state
DOWN qlen 1000
link/ether 00:13:f7:3b:2c:7c brd ff:ff:ff:ff:ff:ff
10: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 92:44:1c:32:07:06 brd ff:ff:ff:ff:ff:ff
12: vethTu1nnI: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast master br0 state UP qlen 1000
link/ether 92:44:1c:32:07:06 brd ff:ff:ff:ff:ff:ff
___ip addr___:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
qlen 1000
link/ether 00:04:23:09:6a:14 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.1/24 brd 192.168.10.255 scope global eth0
inet6 fe80::204:23ff:fe09:6a14/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
qlen 1000
link/ether 00:04:23:09:6a:15 brd ff:ff:ff:ff:ff:ff
inet 192.168.20.1/24 brd 192.168.20.255 scope global eth1
inet6 fe80::204:23ff:fe09:6a15/64 scope link
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
qlen 1000
link/ether 00:04:23:09:6a:16 brd ff:ff:ff:ff:ff:ff
inet 192.168.30.1/24 brd 192.168.30.255 scope global eth2
inet6 fe80::204:23ff:fe09:6a16/64 scope link
valid_lft forever preferred_lft forever
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
qlen 1000
link/ether 00:04:23:09:6a:17 brd ff:ff:ff:ff:ff:ff
inet 192.168.40.1/24 brd 192.168.40.255 scope global eth3
inet6 fe80::204:23ff:fe09:6a17/64 scope link
valid_lft forever preferred_lft forever
6: eth4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 576 qdisc pfifo_fast state UP
qlen 1000
link/ether 00:0f:1f:fa:51:33 brd ff:ff:ff:ff:ff:ff
inet 174.102.217.33/19 brd 255.255.255.255 scope global eth4
7: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state
DOWN qlen 1000
link/ether 00:13:f7:3b:2c:7c brd ff:ff:ff:ff:ff:ff
10: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 92:44:1c:32:07:06 brd ff:ff:ff:ff:ff:ff
inet 192.168.80.1/24 brd 192.168.80.255 scope global br0
inet6 fe80::9044:1cff:fe32:706/64 scope link
valid_lft forever preferred_lft forever
12: vethTu1nnI: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast master br0 state UP qlen 1000
link/ether 92:44:1c:32:07:06 brd ff:ff:ff:ff:ff:ff
inet6 fe80::9044:1cff:fe32:706/64 scope link
valid_lft forever preferred_lft forever
However, I'm still unable to access the internet from within my container. I
can ping the container (192.168.80.2) from the host machine, and the host
machine from the container. But, from the container, I can only reach the host
machine at 192.168.80.1, which is odd, as anywhere else on the network (any of
the subnets), I can access the main machine at 192.168.X0.1 (where X is 1, 2,
3, 4 _OR EVEN_ 8 --- which is the bridge subnet).
Again, thanks for the help. Any other mailing list etiquette is appreciated as
well (I'm more of a forum guy, but no forums seem too well versed in
containers, which left me here. I know this is more a networking issue at this
point, but everyone that replies to this list seems reasonably knowledgeable
all around, not stricly LXC stuff).
Pat
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure
contains a definitive record of customers, application performance,
security threats, fraudulent activity, and more. Splunk takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Lxc-users mailing list
Lxc-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-users
