Hello.
I'm trying to create an LXC container on Debian 8 Linux.
So far I have done the following:
@HOST
1) Bridge interface at /etc/network/interfaces
Code:
# Host /etc/network/interfaces: loopback, the DHCP uplink (eth0) and an
# internal bridge (br0) for container traffic.
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet dhcp
# Bridge interface
# br0 carries the host-side address 192.168.1.1, which the container
# config on this page uses as its gateway.
auto br0
iface br0 inet static
address 192.168.1.1
netmask 255.255.255.0
broadcast 192.168.1.255
# No physical port is enslaved, so br0 is not bridged to eth0: anything
# leaving 192.168.1.0/24 has to be routed (and NATed) by the host.
bridge_ports none
# Bridge forward delay and the maximum wait for ports to come up.
bridge_fd 2.0
bridge_maxwait 1
and ifconfig returns
Quote:
br0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::88d9:80ff:fea0:1516/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:67 errors:0 dropped:0 overruns:0 frame:0
TX packets:99 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:6863 (6.7 KiB) TX bytes:10665 (10.4 KiB)
eth0 Link encap:Ethernet HWaddr de:2b:44:3f:a0:03
inet addr:10.8.44.199 Bcast:10.255.255.255 Mask:255.255.255.254
inet6 addr: 2001:bc8:4700:2300::9:1107/127 Scope:Global
inet6 addr: fe80::dc2b:44ff:fe3f:a003/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1016 errors:0 dropped:0 overruns:0 frame:0
TX packets:891 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:117665 (114.9 KiB) TX bytes:129168 (126.1 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Then, for the guest, I edited the /var/lib/lxc/CONT/config file:
Code:
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r jessie
# For additional config options, please look at lxc.container.conf(5)
#lxc.network.type = empty
lxc.rootfs = /var/lib/lxc/CONT/rootfs
# Common configuration
# NOTE(review): no lxc.id_map appears in this file; unless the included
# common config sets one, this is a privileged container (container root
# maps to host root) - confirm that is intended.
lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration
lxc.mount = /var/lib/lxc/CONT/fstab
lxc.utsname = CONT
lxc.arch = amd64
lxc.autodev = 1
lxc.kmsg = 0
# Marks the container for autostart.
lxc.start.auto = 1
# Network config
# veth pair: the host end is attached to br0, the container end appears
# inside the guest as veth0 with the MAC address below.
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.hwaddr = 00:16:3e:6c:7c:79
# LXC assigns this address and default route itself when the container
# starts; the guest's own /etc/network/interfaces on this page sets the same
# static values again, so keep the two in sync or configure one place only.
lxc.network.ipv4=192.168.1.2/24
lxc.network.ipv4.gateway=192.168.1.1
lxc.network.name=veth0
# Host-side interface name. NOTE(review): the host ifconfig output on this
# page shows vethVPN while brctl shows vethCONT - presumably a renaming
# artefact in the post; verify the name actually attached to br0.
lxc.network.veth.pair = vethCONT
Now, if I start the container, ifconfig on the host returns:
Quote:
br0 Link encap:Ethernet HWaddr fe:e3:8f:bb:fb:64
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::88d9:80ff:fea0:1516/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:166 errors:0 dropped:0 overruns:0 frame:0
TX packets:246 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:17998 (17.5 KiB) TX bytes:25050 (24.4 KiB)
eth0 Link encap:Ethernet HWaddr de:2b:44:3f:a0:03
inet addr:10.8.44.199 Bcast:10.255.255.255 Mask:255.255.255.254
inet6 addr: 2001:bc8:4700:2300::9:1107/127 Scope:Global
inet6 addr: fe80::dc2b:44ff:fe3f:a003/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1895 errors:0 dropped:0 overruns:0 frame:0
TX packets:1671 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:218193 (213.0 KiB) TX bytes:254884 (248.9 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
vethVPN Link encap:Ethernet HWaddr fe:e3:8f:bb:fb:64
inet6 addr: fe80::fce3:8fff:febb:fb64/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:99 errors:0 dropped:0 overruns:0 frame:0
TX packets:155 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:12521 (12.2 KiB) TX bytes:15033 (14.6 KiB)
On the host I also have a dnsmasq service listening for requests on the br0 interface.
I have also added this iptables rule:
Code:
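# Source-NAT container traffic (192.168.1.0/24 behind br0) leaving via eth0.
# The network address is written out; 192.168.1.1/24 is the same match, and
# the iptables-save output on this page already prints it as 192.168.1.0/24.
# NOTE(review): MASQUERADE only rewrites packets the host actually forwards.
# Confirm net.ipv4.ip_forward is 1 (sysctl net.ipv4.ip_forward); the FORWARD
# counters in the iptables-save output on this page read [0:0].
# NOTE(review): FORWARD has policy ACCEPT and no rules, so the host forwards
# for any source once forwarding is on; consider allowing only br0 -> eth0
# plus established return traffic.
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE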
Quote:
# Generated by iptables-save v1.4.21 on Wed Apr 19 14:50:13 2017
*filter
:INPUT ACCEPT [2193:227088]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2054:286904]
COMMIT
# Completed on Wed Apr 19 14:50:13 2017
# Generated by iptables-save v1.4.21 on Wed Apr 19 14:50:13 2017
*nat
:PREROUTING ACCEPT [86:5078]
:INPUT ACCEPT [86:5078]
:OUTPUT ACCEPT [5:326]
:POSTROUTING ACCEPT [5:326]
-A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE
COMMIT
# Completed on Wed Apr 19 14:50:13 2017
brctl show command returns :
Code:
bridge name bridge id STP enabled interfaces
br0 8000.fee38fbbfb64 no vethCONT
@ GUEST
I edited the /etc/network/interfaces
Code:
# Guest /etc/network/interfaces
auto lo
iface lo inet loopback
#auto eth0
#iface eth0 inet dhcp
# Static configuration of the container end of the veth pair; these values
# repeat lxc.network.ipv4 / lxc.network.ipv4.gateway from the container config.
auto veth0
iface veth0 inet static
address 192.168.1.2
netmask 255.255.255.0
gateway 192.168.1.1
# NOTE(review): dns-nameservers only takes effect through the resolvconf
# package; without it /etc/resolv.conf is not written from this line.
# Whether resolvconf is installed in the guest is not shown - verify.
dns-nameservers 192.168.1.1
and ifconfig returns :
Quote:
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:52 errors:0 dropped:0 overruns:0 frame:0
TX packets:52 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:3448 (3.3 KiB) TX bytes:3448 (3.3 KiB)
veth0 Link encap:Ethernet HWaddr 00:16:3e:6c:7c:79
inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::216:3eff:fe6c:7c79/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:131 errors:0 dropped:0 overruns:0 frame:0
TX packets:80 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:13221 (12.9 KiB) TX bytes:9171 (8.9 KiB)
The thing is that if I try to ping ww.google.com from the guest, I get this error: