LXC Routed Setup 2019


Warum dieses Setup

  • Es soll nur über die MAC-Adresse(n) der Netzwerkkarte(n) geroutet werden.
  • Die virtuellen MAC-Adressen der Container sollen nicht am physischen Interface auftauchen.
  • Gedacht für Server bei Hetzner.

Host

/etc/lxc/default.conf
# Defaults applied to newly created containers: one veth interface, brought up
# at container start.
lxc.net.0.type = veth
lxc.net.0.flags = up
# MAC template: LXC replaces each "x" with a random hex digit, so every
# container MAC starts with the fixed prefix 00:11:4a. That prefix is what the
# tcpdump check at the end of this page searches for on eth0.
lxc.net.0.hwaddr = 00:11:4a:xx:xx:xx


/etc/default/lxc-net
# Keep lxc-net from setting up its own default bridge; the bridges used by this
# setup (vmbr0, vmbr1) are defined in /etc/network/interfaces instead.
USE_LXC_BRIDGE="false"
/etc/network/interfaces
# Loopback interface, IPv4 and IPv6.
auto lo
iface lo inet loopback
iface lo inet6 loopback


# Example addressing plan used throughout this file (placeholder values):
#   Server (main) IP = 1.2.3.4, netmask 255.255.255.0
#   Routed subnet    = 2.2.3.1, 2.2.3.2, 2.2.3.3, ... (2.2.3.1 is the host's address on vmbr1)
#   Single IP I      = 3.2.3.1
#   Single IP II     = 4.2.3.1

# device: eth0 -- the physical uplink. It is not a port of either bridge below,
# so container traffic reaches it by routing only.
auto  eth0
iface eth0 inet static
  address   1.2.3.4
  netmask   255.255.255.0
  gateway   1.2.3.5
  pointopoint   1.2.3.5
  # default route to access subnet
  # NOTE(review): x.x.x.1 / x.x.x.2 are unfilled placeholders that do not match
  # the example plan above; fill in the real network and gateway before use.
  up route add -net x.x.x.1 netmask 255.255.255.192 gw x.x.x.2 eth0

# IPv6 on the uplink; the gateway is given as a link-local address.
iface eth0 inet6 static
  address 3a02:5f4:172:11ce::1
  netmask 64
  gateway fe80::1
  # Re-apply /etc/sysctl.conf once the interface is up.
  # NOTE(review): a routed setup needs packet forwarding enabled on the host;
  # presumably net.ipv4.ip_forward (and net.ipv6.conf.all.forwarding for IPv6)
  # are set in sysctl.conf -- that file is not shown on this page, confirm.
  up sysctl -p


# For single (additional) IPs.
# Host-only bridge: no physical port is attached (bridge_ports none), so frames
# from the containers' veth devices are not bridged onto eth0. The host reuses
# its main address here with a /32 netmask.
auto vmbr0
iface vmbr0 inet static
  address 1.2.3.4
  netmask 255.255.255.255
  bridge_ports none
  bridge_stp off
  bridge_fd 0
  # One host route per single IP, pointing at this bridge. Only list addresses
  # that are actually assigned to a container on vmbr0.
  up ip route add 3.2.3.1/32 dev vmbr0
  up ip route add 4.2.3.1/32 dev vmbr0


# For a routed subnet.
# Host-only bridge (bridge_ports none) carrying the subnet; 2.2.3.1 is the
# host's address on it and serves as the gateway in the container config.


auto vmbr1
iface vmbr1 inet static
  address 2.2.3.1
  netmask 255.255.255.0
  bridge_ports none
  bridge_stp off
  bridge_fd 0

Container

Subnet

/var/lib/lxc/CONTAINER/config
# Container attached to the subnet bridge vmbr1.
lxc.arch = linux64
lxc.rootfs.path = dir:/var/lib/lxc/CONTAINER/rootfs
lxc.uts.name = CONTAINER
lxc.net.0.type = veth
lxc.net.0.link = vmbr1
lxc.net.0.flags = up
# Address from the routed subnet, configured as a /32; the gateway is the
# host's address on vmbr1.
# NOTE(review): nothing shown here stops a container from configuring a
# different address on its veth. If containers are not fully trusted, add
# source-address filtering on the host (e.g. rp_filter or firewall rules on
# the bridge) -- not covered by this page.
lxc.net.0.ipv4.address = 2.2.3.2/32
lxc.net.0.ipv4.gateway = 2.2.3.1


Single IP

# Container using one of the single IPs, attached to vmbr0.
lxc.arch = linux64
lxc.rootfs.path = dir:/var/lib/lxc/CONTAINER/rootfs
lxc.uts.name = CONTAINER
lxc.net.0.type = veth
lxc.net.0.link = vmbr0
lxc.net.0.flags = up
# The single IP as a /32; it must match one of the "ip route add ... dev vmbr0"
# host routes in /etc/network/interfaces. The gateway is the host's main
# address, which is also configured on vmbr0.
lxc.net.0.ipv4.address = 3.2.3.1/32
lxc.net.0.ipv4.gateway = 1.2.3.4
...



Überprüfen

Auf dem Host:

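# Watch the uplink and print only frames whose link-level header (-e) contains
# the container MAC prefix set in /etc/lxc/default.conf. Expected: no output.
# -l line-buffers tcpdump's stdout, so a match is shown immediately instead of
# waiting in the pipe buffer, where a delayed line could be mistaken for a
# clean result. grep -F replaces the obsolescent egrep; the pattern is a fixed
# string.
tcpdump -l -n -e -i eth0 | grep -F '00:11:4a'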
Die MAC-Adressen der Container (Präfix 00:11:4a) dürfen in der Ausgabe nicht auftauchen.