Okay. FYI I went ahead and defined my own bridge to let containers communicate directly with my router's dhcp server, but I've created and started a new privileged container `pr1` and made sure it uses `lxcbr0` and not my `br0`. Still, it's possible I'll have to tell `lxcbr0` to plug into `br0` rather than `eth0`, as `eth0` doesn't get an IP anymore on my machine, and if so I'll need some help doing that. Anyhow:
From within container `pr1`:
root@pr1:/# netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
root@pr1:/# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:16:3e:b2:93:2b
inet6 addr: fe80::216:3eff:feb2:932b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:10 errors:0 dropped:0 overruns:0 frame:0
TX packets:30 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000
RX bytes:1177 (1.1 KB) TX bytes:7656 (7.6 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
root@pr1:/# cat /etc/
cat: /etc/: Is a directory
But then after following your other directions:
root@pr1:/# ifconfig eth0 10.0.3.10 netmask 255.255.255.0
root@pr1:/# sudo route add -net default dev eth0
root@pr1:/# ping 10.0.3.1
PING 10.0.3.1 (10.0.3.1) 56(84) bytes of data.
64 bytes from 10.0.3.1: icmp_seq=1 ttl=64 time=0.102 ms
64 bytes from 10.0.3.1: icmp_seq=2 ttl=64 time=0.032 ms
64 bytes from 10.0.3.1: icmp_seq=3 ttl=64 time=0.049 ms
Even better, if instead I do
root@pr1:/# sudo route add -host 10.0.3.1 dev eth0
root@pr1:/# route add -net default gw 10.0.3.1 dev eth0
then I can now ping to my LAN from within the container, and also ping out to 8.8.8.8. At this point I have:
root@pr1:/# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 10.0.3.1 0.0.0.0 UG 0 0 0 eth0
10.0.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.0.3.1 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
root@pr1:/# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:16:3e:b2:93:2b
inet addr:10.0.3.10 Bcast:10.0.3.255 Mask:255.255.255.0
inet6 addr: fe80::216:3eff:feb2:932b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:30 errors:0 dropped:0 overruns:0 frame:0
TX packets:80 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000
RX bytes:3579 (3.5 KB) TX bytes:19728 (19.7 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:51 errors:0 dropped:0 overruns:0 frame:0
TX packets:51 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0
RX bytes:3792 (3.7 KB) TX bytes:3792 (3.7 KB)
However, and BTW this is a problem I still have on the unprivileged container using `br0` as well, I can't resolve DNS from within the container. It returns `ping: unknown host www.google.com` immediately.
Finally, on my host I get:
root@srv-Ub1404:~# ps -ef | grep dnsmasq
lxc-dns+ 11309 1 0 Jan15 ? 00:00:00 dnsmasq -u lxc-dnsmasq --strict-order --bind-interfaces --pid-file=/run/lxc/dnsmasq.pid --conf-file= --listen-address 10.0.3.1 --dhcp-range 10.0.1.2,10.0.1.254 --dhcp-lease-max=253 --dhcp-no-override --except-interface=lo --interface=lxcbr0 --dhcp-leasefile=/var/lib/misc/dnsmasq.lxcbr0.leases --dhcp-authoritative
root 13063 13052 0 00:01 pts/2 00:00:00 grep --color=auto dnsmasq
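
Added example, not part of the original comment: a Python check that parses a dnsmasq command line like the one in the `ps` output above and reports whether each `--dhcp-range` lies inside the `--listen-address` network. The /24 prefix is an assumption taken from the netmask used inside the container, and the function names are hypothetical.

```python
import ipaddress
import shlex

# Constructed sample: the dnsmasq command line from the post's ps output,
# with the line wrapping removed.
SAMPLE_CMDLINE = (
    "dnsmasq -u lxc-dnsmasq --strict-order --bind-interfaces "
    "--pid-file=/run/lxc/dnsmasq.pid --conf-file= --listen-address 10.0.3.1 "
    "--dhcp-range 10.0.1.2,10.0.1.254 --dhcp-lease-max=253 --dhcp-no-override "
    "--except-interface=lo --interface=lxcbr0 "
    "--dhcp-leasefile=/var/lib/misc/dnsmasq.lxcbr0.leases --dhcp-authoritative"
)

def parse_options(cmdline):
    """Return {option: [values]} for both '--opt=value' and '--opt value'."""
    tokens = shlex.split(cmdline)[1:]  # drop the program name
    opts, i = {}, 0
    while i < len(tokens):
        tok = tokens[i]
        if tok.startswith("--") and "=" in tok:
            name, value = tok[2:].split("=", 1)
        elif i + 1 < len(tokens) and not tokens[i + 1].startswith("-"):
            name, value = tok.lstrip("-"), tokens[i + 1]
            i += 1  # the next token was this option's value
        else:
            name, value = tok.lstrip("-"), ""  # bare flag
        opts.setdefault(name, []).append(value)
        i += 1
    return opts

def check_dhcp_range(cmdline, prefix_len=24):
    """Compare every --dhcp-range with every --listen-address network."""
    # Assumption: prefix_len=24 mirrors the 255.255.255.0 netmask in the post.
    opts = parse_options(cmdline)
    findings = []
    for listen in opts.get("listen-address", []):
        net = ipaddress.ip_interface(f"{listen}/{prefix_len}").network
        for rng in opts.get("dhcp-range", []):
            # Handles the plain "start,end[,...]" form shown in the post.
            start, end = (ipaddress.ip_address(p) for p in rng.split(",")[:2])
            findings.append({
                "listen": listen, "network": str(net), "range": rng,
                "in_network": start in net and end in net,
            })
    return findings
```
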