I have already used a container (Arch on Arch) for a while. I had two distinct IPs and a working setup thanks to good help from Tom Gundersen.
I am trying to replicate my network settings on a new setup (Fedora on Arch). For now, I am just trying with DHCP. Here is the setup on the host:

----------------------------------------------------------------------------
1 - created a virtual bridge

$ cat /etc/systemd/network/Bridge.netdev
[NetDev]
Name=br0
Kind=bridge

2 - bound my eth to the bridge

$ cat /etc/systemd/network/eth.network
[Match]
Name=en*

[Network]
Bridge=br0

3 - created the bridge network unit

$ cat /etc/systemd/network/bridge.network
[Match]
Name=br0

[Network]
DHCP=IPV4
--------------------------------------------------------------------------------

Nothing else. When the container is up:

$ ip a
2: enp7s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000
    link/ether 14:da:e9:b5:7a:88 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::16da:e9ff:feb5:7a88/64 scope link
       valid_lft forever preferred_lft forever
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether b6:0c:00:22:f1:4a brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.87/24 brd 192.168.1.255 scope global br0
       valid_lft forever preferred_lft forever
    inet6 fe80::b40c:ff:fe22:f14a/64 scope link
       valid_lft forever preferred_lft forever
9: vb-poppy: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master br0 state DOWN group default qlen 1000
    link/ether 0e:9a:d7:18:a3:59 brd ff:ff:ff:ff:ff:ff

$ ip route
default via 192.168.1.254 dev br0 proto static
192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.87

% brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.b60c0022f14a       no              enp7s0
                                                        vb-poppy
---------------------------------------------------------------

I used to boot the container this way:

# systemd-nspawn --network-bridge=br0 -bD /path_to/my_container

Is this correct?

*****************

Now on the container side:
Nothing configured. NetworkManager enabled, systemd-networkd enabled and started.
-------------------------------
$ ip a
2: host0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 0e:7f:c3:fb:25:b1 brd ff:ff:ff:ff:ff:ff
-------------------------------------

host0 is down.

$ journalctl -x
..................
-- Unit NetworkManager.service has begun starting up.
Apr 27 13:18:01 poppy firewalld[35]: 2015-04-27 13:18:01 ERROR: ebtables not usable, disabling ethernet bridge firewall.
Apr 27 13:18:01 poppy firewalld[35]: 2015-04-27 13:18:01 FATAL ERROR: No IPv4 and IPv6 firewall.
Apr 27 13:18:01 poppy firewalld[35]: 2015-04-27 13:18:01 ERROR: Raising SystemExit in run_server
Apr 27 13:18:01 poppy NetworkManager[67]: <info> NetworkManager (version 1.0.0-8.fc22) is starting...
Apr 27 13:18:01 poppy NetworkManager[67]: <info> Read config: /etc/NetworkManager/NetworkManager.conf
Apr 27 13:18:01 poppy NetworkManager[67]: <info> WEXT support is enabled
Apr 27 13:18:01 poppy NetworkManager[67]: <warn> Could not get hostname: failed to read /etc/sysconfig/network
Apr 27 13:18:01 poppy NetworkManager[67]: <info> Acquired D-Bus service com.redhat.ifcfgrh1
..........................................................

Obviously my old-fashioned way to give two IP addresses does not work, and I can't find any other idea/way to do the setup.

Is this firewall story in journalctl the culprit? I do not want any basic firewall, as hardening will be done with AppArmor (already built into the kernel) and grsec in a second step.

Hint: I run a custom kernel. Maybe I missed some network settings?

Thank you for hints.

--
google.com/+arnaudgabourygabx
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel