On Fri, Jun 16, 2017 at 5:01 PM, Michel Jansens <[email protected]> wrote:
> Thanks a lot Stéphane for this information, > > I succeeded in attaching a bridge device from a specific vlan following > your advise from https://github.com/lxc/lxd/issues/2551 > command I used is: lxc config device add welcome-lemur eth1 nic > nictype=macvlan parent=brvlan3904 name=eth1 > > In /etc/network/interfaces I added: > > #vlan 3904 interface on enp1s0f0 > auto vlan3904 > iface vlan3904 inet manual > vlan_raw_device enp1s0f0 > #add a bridge for vlan3904 > auto brvlan3904 > iface brvlan3904 inet manual > bridge_ports vlan3904 > > > I managed to add the brvlan3904 to multiple containers, but this doesn’t > create an interface for each container in the brvlan3904 bridge, > That's what macvlan does. It works for some usecase (and can be easier, since you DON'T need to create a bridge), but can cause some problems (e.g. host can't connect to container's macvlan interface). > and I don’t know what the security consequences are… > Is This OK like this? > > > Alternatively, to mimic how lxc br0 bridge looks (one interface for each > container with vethXXXXXX like names), I tried to add more ports to the > bridge,with dummy interfaces: > > ip link add welcomelemur type dummy > brctl addif brvlan3904 welcomelemur > ifconfig welcomelemur up > lxc config device add welcome-lemur eth1 nic nictype=macvlan > parent=brvlan3904 name=eth1 > > But this gave me: error: Failed to create the new macvlan interface: exit > status 2 > I tried using nictype=veth instead of mtacvlan but got 'error: Bad nic > type: veth’ > > How should I do this properly? > > Did you want "nictype=bridged"? https://github.com/lxc/lxd/blob/master/doc/containers.md#type-nic -- Fajar
_______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
