najkon n00b
Joined: 14 Aug 2016 Posts: 13
Posted: Wed Aug 24, 2016 12:22 am Post subject: LXC - network connection PUB IP
Hi,
I am struggling with setting up the network for my LXC container.
The container is installed correctly and running, but it has no way out to the world.
I tried to set it up using the wiki instructions (https://wiki.gentoo.org/wiki/LXC), unfortunately without result.
The internal connection (on an internal address) works, i.e. HOST <-> GUEST, but from GUEST to the Internet it did not work.
(Of course, I use the iptables rule: iptables -t nat -A POSTROUTING -o eth1 -s 10.0.50.0/24 -j MASQUERADE on the HOST.)
And I would like each container (I have two) to have one internal IP address (from the 10.0.50.0/24 pool) and one public IP address (from the /29 pool).
Can anyone describe step by step how to do this?
What I have now:
eth1 = the WAN interface
on eth1 I picked up all the IP addresses from my PUB IP pool /29
br0 = the bridge for the first LXC container, named 'lamp'; I gave it the IP address 10.0.50.1/24
br5 = the bridge for the second LXC container, named 'team'; I gave it the IP address 10.0.60.1/24
I'll try to write in the morning what I've already done, because now it's late (02:18 am) and I am not thinking clearly.
EDIT: My configuration
- iptables -L -n -v -t nat
Code: |
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
5 260 MASQUERADE all -- * eth1 0.0.0.0/0 0.0.0.0/0
|
- Interfaces
Code: |
br0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500
inet 10.0.50.1 netmask 255.255.255.0 broadcast 10.0.50.255
inet6 fe80::fc11:6ff:fe21:478a prefixlen 64 scopeid 0x20<link>
ether fe:5e:06:cc:7a:88 txqueuelen 1000 (Ethernet)
lamp: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::fc5e:6ff:fecc:7a88 prefixlen 64 scopeid 0x20<link>
ether fe:5e:06:cc:7a:88 txqueuelen 1000 (Ethernet)
|
- bridge
Code: |
bridge name bridge id STP enabled interfaces
br0 8000.fe5e06cc7a88 no lamp
|
- LXC config for lamp container
Code: |
lxc.network.type = veth
lxc.network.flags = up
lxc.network.veth.pair = lamp
lxc.network.name = eth0
lxc.network.link = br0
lxc.network.ipv4 = 10.0.50.10/24
lxc.network.ipv4.gateway = 10.0.50.1
|
- Pinging on HOST to GUEST
Code: |
ping 10.0.50.10
PING 10.0.50.10 (10.0.50.10) 56(84) bytes of data.
64 bytes from 10.0.50.10: icmp_seq=1 ttl=64 time=0.066 ms
64 bytes from 10.0.50.10: icmp_seq=2 ttl=64 time=0.017 ms
|
- Pinging on GUEST to HOST
Code: |
ping 10.0.50.1
PING 10.0.50.1 (10.0.50.1) 56(84) bytes of data.
64 bytes from 10.0.50.1: icmp_seq=1 ttl=64 time=0.060 ms
64 bytes from 10.0.50.1: icmp_seq=2 ttl=64 time=0.017 ms
|
- ip route from GUEST
Code: |
default via 10.0.50.1 dev eth0
10.0.50.0/24 dev eth0 proto kernel scope link src 10.0.50.10
|
- resolv.conf from GUEST
Code: |
cat /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.8.4
|
- Pinging WORLD (aka. google dns)
Code: |
ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
|
and nothing more shows up.
Where is the problem?!