Re: [Lxc-users] local routing
Hallo, Maybe I misunderstand your question, please tell me so. It seems to me you want to just script this routing stuff, this is possible in lxc on the host (use lxc.network.script.up), then all you need is configure properly the network interface in the guest os (in debian /etc/network/interfaces) hth John ps. I don't want to seem to be agressively advertising my site, but i have a similar setup described on http://j.9souldier.org/trunk/lxc/net/ -- The Excuse: TCP/IP UDP alarm threshold is set too low. On Wed, 11 May 2011 14:40:05 +0200 Ulli Horlacher wrote: > On Wed 2011-05-11 (11:29), Daniel Lezcano wrote: > > > If you create a bridge, attach the physical interface to it, give > > the bridge the ip address you usually give to eth0, (make sure > > ifconfig eth0 0.0.0.0) and then give an IP address to the container > > on the same network than eth0, that will allow to have your > > container to communicate on the network and the host without > > passing through a gateway. > > This is already working. Example (vms2 is the host): > > root@vms2:~# lxc -l > container size (MB) start-PIDstatus > flupp 332025251 running > ubuntu 490 0 stopped > vmtest8 4905664 running > > root@vms2:~# host vms2 > vms2.rus.uni-stuttgart.de has address 129.69.1.68 > > root@vms2:~# host flupp > flupp.rus.uni-stuttgart.de has address 129.69.1.219 > > root@vms2:~# traceroute flupp > traceroute to flupp (129.69.1.219), 30 hops max, 60 byte packets > 1 flupp.rus.uni-stuttgart.de (129.69.1.219) 16.533 ms 16.537 ms > 16.538 ms > > > But I have other containers on other networks, too. Example: > > root@vms2:~# host vmtest8 > vmtest8.rus.uni-stuttgart.de has address 129.69.8.6 > > root@vms2:~# traceroute vmtest8 > traceroute to vmtest8 (129.69.8.6), 30 hops max, 60 byte packets > 1 ar30a-y2g-rus-1.rus.uni-stuttgart.de (129.69.1.251) 0.674 ms > 0.734 ms 0.793 ms 2 * * * > > vmtest8 has no internet connection so far, because the VLAN setup is > not correct. But this is another problem :-} > > Nevertheless the host vms2 should reach the container vmtest8 directly > (internaly) without using an external router. > > I can obtain this by setting host routes on vms2 and vmtest8, as I > have described in my first mail. Then host and container can reach > each other directly. What I now want is some kind of automatism. I do > not want to set such host routes manually, every time I use lxc-start. > > > > > -- Achieve unprecedented app performance and reliability What every C/C++ and Fortran developer should know. Learn how Intel has extended the reach of its next-generation tools to help boost performance applications - inlcuding clusters. http://p.sf.net/sfu/intel-dev2devmay ___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
Re: [Lxc-users] local routing
On Tue 2011-05-10 (20:08), C Anthony Risinger wrote: > I believe Daniel is saying you can pass each container two interfaces -- one > is the public and one is a local only private network for your host and > containers. Then I have secondary addresses for each server and I have to decide manually which one I have to use for internal communication. > Though I'd think the host/bridge code would not actually ping pong the > packets off an external device if the target IP resolves back to the host? It does. -- Ullrich Horlacher Server- und Arbeitsplatzsysteme Rechenzentrum E-Mail: horlac...@rus.uni-stuttgart.de Universitaet Stuttgart Tel:++49-711-685-65868 Allmandring 30 Fax:++49-711-682357 70550 Stuttgart (Germany) WWW:http://www.rus.uni-stuttgart.de/ -- Achieve unprecedented app performance and reliability What every C/C++ and Fortran developer should know. Learn how Intel has extended the reach of its next-generation tools to help boost performance applications - inlcuding clusters. http://p.sf.net/sfu/intel-dev2devmay ___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
Re: [Lxc-users] local routing
On Wed 2011-05-11 (11:29), Daniel Lezcano wrote: > If you create a bridge, attach the physical interface to it, give the > bridge the ip address you usually give to eth0, (make sure ifconfig eth0 > 0.0.0.0) and then give an IP address to the container on the same > network than eth0, that will allow to have your container to communicate > on the network and the host without passing through a gateway. This is already working. Example (vms2 is the host): root@vms2:~# lxc -l container size (MB) start-PIDstatus flupp 332025251 running ubuntu 490 0 stopped vmtest8 4905664 running root@vms2:~# host vms2 vms2.rus.uni-stuttgart.de has address 129.69.1.68 root@vms2:~# host flupp flupp.rus.uni-stuttgart.de has address 129.69.1.219 root@vms2:~# traceroute flupp traceroute to flupp (129.69.1.219), 30 hops max, 60 byte packets 1 flupp.rus.uni-stuttgart.de (129.69.1.219) 16.533 ms 16.537 ms 16.538 ms But I have other containers on other networks, too. Example: root@vms2:~# host vmtest8 vmtest8.rus.uni-stuttgart.de has address 129.69.8.6 root@vms2:~# traceroute vmtest8 traceroute to vmtest8 (129.69.8.6), 30 hops max, 60 byte packets 1 ar30a-y2g-rus-1.rus.uni-stuttgart.de (129.69.1.251) 0.674 ms 0.734 ms 0.793 ms 2 * * * vmtest8 has no internet connection so far, because the VLAN setup is not correct. But this is another problem :-} Nevertheless the host vms2 should reach the container vmtest8 directly (internaly) without using an external router. I can obtain this by setting host routes on vms2 and vmtest8, as I have described in my first mail. Then host and container can reach each other directly. What I now want is some kind of automatism. I do not want to set such host routes manually, every time I use lxc-start. -- Ullrich Horlacher Server- und Arbeitsplatzsysteme Rechenzentrum E-Mail: horlac...@rus.uni-stuttgart.de Universitaet Stuttgart Tel:++49-711-685-65868 Allmandring 30 Fax:++49-711-682357 70550 Stuttgart (Germany) WWW:http://www.rus.uni-stuttgart.de/ -- Achieve unprecedented app performance and reliability What every C/C++ and Fortran developer should know. Learn how Intel has extended the reach of its next-generation tools to help boost performance applications - inlcuding clusters. http://p.sf.net/sfu/intel-dev2devmay ___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
Re: [Lxc-users] local routing
On 05/10/2011 12:24 AM, Ulli Horlacher wrote: > On Mon 2011-05-09 (22:52), Daniel Lezcano wrote: >> On 05/09/2011 03:10 PM, Ulli Horlacher wrote: >> >>> I have a lxc host (zoo 129.69.1.68) with a container (vmtest8 129.69.8.6). >>> >>> I want all host/container communication to be internal without network >>> traffic going via external router. >> Maybe I misunderstood but why don't you setup a bridge for the container >> only without attaching the physical interface and making sure >> /proc/sys/net/ipv4/ip_forward is not set ? > Of course the containers shall be able to communicate with the internet, > too. > > But I want the communication of host-container to be internal and not via > external router. If you create a bridge, attach the physical interface to it, give the bridge the ip address you usually give to eth0, (make sure ifconfig eth0 0.0.0.0) and then give an IP address to the container on the same network than eth0, that will allow to have your container to communicate on the network and the host without passing through a gateway. Is it what you want to achieve ? -- Achieve unprecedented app performance and reliability What every C/C++ and Fortran developer should know. Learn how Intel has extended the reach of its next-generation tools to help boost performance applications - inlcuding clusters. http://p.sf.net/sfu/intel-dev2devmay ___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
