Ok... so this might not even be possible so this will be theoretical speak only. I don't have a configuration at the moment as the progress I made before was wiped when I gave up before. I found out about some limitations from my host so I was wondering if this scheme was possible.
Both IP1 and IP2 are on different subnets. Statically assigned by provider. Container1 will be a container that I want to expose to the world bypassing iptables. There is an additional issue here. The container's mac address can't be leaked over the bridge. It must appear to be coming from the host. Reason is because switch security doesn't allow unauthorized mac addresses to route. Host has IP1 on br0 Host routes IP2 to Container1 but it isn't assigned to the interface? (eg I don't want any services on the host to be able to bind to IP2 at all) Container1 handles IP2 on virtual eth0 Container2 (and so forth) are NAT routed for testing Can this be done at all? Any input will be extremely useful. Robert Pendell shi...@elite-systems.org A perfect world is one of chaos. ------------------------------------------------------------------------------ Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! Discover the easy way to master current and previous Microsoft technologies and advance your career. Get an incredible 1,500+ hours of step-by-step tutorial videos with LearnDevNow. Subscribe today and save! http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users