www.bonsaiframework.com
Page tree

Versions Compared

Old Version 2

changes.mady.by.user Tin Pham

Saved on

compared with

New Version 3

changes.mady.by.user Tin Pham

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The most viable options, I understand are using bridge or a dedicated vlan.

With MACVLAN macvlan you configure the container to directly use the public IP address without the overhead of changing the network card to promiscuous mode. Once setup the macvlan gets it's own MAC address. This only works if there are no restrictions on the network which set's static IPs based on the hosts' MAC address. Usually this is only the case with the initial primary IP provided by the hosting company.

With macvlan, the The containers can reach the network and each other, but not the host. Even though the host may be on the same network. I am not sure why this is the case (maybe security?) but do not see a need to solve with any use case. macvlan has many modes, but from my readings bridge mode is most appropriate.

If you had previously assigned a static IP to the container using /etc/lxc/dnsmasq.conf make sure to remove the entry (I believe you also need to restart the host).

macvlan mac address

The first thing to do is to create a mac address for the macvlan interface to be created on the host.

...

Code Block
languagebash
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 64.73.220.117
gateway 64.73.220.1
netmask 255.255.255.0
dns-nameservers 216.15.129.205 216.15.129.206

 

macvtap

This looks promising... The most prominent user of macvtap interfaces seems to be libvirt/KVM, which allows guests to be connected to macvtap interfaces. Doing so allows for (almost) bridged-like behaviour of guests but without the need to have a real bridge on the host, as a regular ethernet interface can be used as the macvtap's lower device.

References

Networking - https://help.ubuntu.com/lts/serverguide/lxc.html#lxc-network

...

How I figured out to create a macvlan - http://cyberiantiger.livejournal.com/24104.html 

Not sure I can use comments here... need to investigate if it causes issues.