Bridge needs IP on host when bridging lxc containers?

0

I have the following setup.

Bridge on host machine called br0. No IP address set.

LXC container called router, which is attached to the local network and br0; its task is to route between the two.

LXC containers attached to br0, with the intention that traffic will be routed through the LXC router container before reaching the local network.

The problem is, if br0 doesn't have an IP address on the host machine then traffic between the LXC containers doesn't work. As soon as I add an IP address it works fine (even if I add an iptables rule on the host to block all traffic to the host). I want the host to be isolated from the LXCs on the other side of the router LXC - hence why I'd prefer to not add an IP.

What's going on?

user7282391

Posted 2017-03-02T07:44:07.910

Reputation: 1

I would assume that since no IP address is set on the bridge, there are no routes being made; you may have to add your own routes. I don't know your network setup, but here is an example: route add -net 10.0.0.0/24 gw 10.10.10.1 dev eth0 or route add -net 0.0.0.0/0 gw 10.167.95.1 dev eth0 – asmith – 2017-03-02T07:56:52.740

I am going to be honest, I know nothing about LXC containers (I had to look this up), but even my above solution may not work unless there is some way the network can see the LXC containers as if they were physical devices; no sort of routing may work – asmith – 2017-03-02T08:01:52.320

No answers