[PLDWWW] page changed: docs:lxc

Mateusz Korniak (matkor) matkor at pld-linux.org
Wed Jul 2 10:56:24 CEST 2014 

[config for network] 

--- https://www.pld-linux.org/docs/lxc?rev=1403789106
+++ https://www.pld-linux.org/docs/lxc?rev=1404291384
@@ -123,16 +123,17 @@
  ===== Sample configs =====
  
  ==== config for network ====
  
- static networking, set ''VSERVER=yes'' and ''VSERVER_ISOLATION_NET=yes'' in guest ''/etc/sysconfig/system'' to disable all network configuration by guest.
+ static networking, set ''VSERVER=yes'' and ''VSERVER_ISOLATION_NET=yes'' in guest ''/etc/sysconfig/system'' to disable all network configuration by guest, set RC_PROMPT=no to avoid hanging startaup scripts, in general it's good idea to turn off there most of things
  
-   - uses ''macvlan''
-   - that interface is NOT visible on host 
-   - you can't filter it from host's firewall
+ ===== network using macvlan in bridge mode =====
+   - traffic from host to guest (and vice-versa) is NOT passed. external trafic works
+   - guest interface is NOT visible on host 
+   - you can't filter guest straffic  from host's firewall
+   - host can use seme default interface with and without guests running.
    - you HAVE to set mac. If not - on every container start you'll have different one (your router will not pass the traffic).
    - iptables is initialized from lxc.hook.pre-mount hook (ran in the container's namespace and having macvlan interface visible)
- 
  
  first boot with ''hwaddr'' line disabled, look what the random address was assigned, set it in config.
  
  also you may use some generation techniques like these: using last three ip numbers and [[http://xenbits.xen.org/docs/4.3-testing/misc/xl-network-configuration.html|Xen's OUI (00:16:3e)]] address space. If IP is ''192.168.2.160'', then:
@@ -154,8 +155,10 @@
  lxc.hook.pre-mount = /sbin/service iptables start
  lxc.cap.drop       = net_admin
  </file>
  
+ 
+ ===== network using bridged veth interfaces  =====
  
  ==== full config ====
  
  <code bash>


Diff URL:
  https://www.pld-linux.org/docs/lxc?do=diff&r1=1403789106&r2=1404291384
-- 
This mail was generated by DokuWiki at
https://www.pld-linux.org/

More information about the pld-cvs-commit mailing list