Best practice of assigning a static IP to a container when the host bridge is unmanaged

mbyrd777 · October 22, 2023, 7:14pm

For some background…The host OS I’m using is Debian 12 and the container image is a Debian 12 container image. The host uses interface br0 which was created without utilizing the managed bridge functionality for .

Is there a “right way” of assigning a static IP to a container?

Thanks in advance for any help!

victoitor · October 23, 2023, 12:56pm

There are two ways that I know of. Either through your DHCP server or fixing it inside your container. Both are correct, it really just depends on how you’re organizing things.

mbyrd777 · October 23, 2023, 3:50pm

That’s what I was thinking as far as setting it internally in the contain. My problem is the interface is changing at every restart. It’s going from eth0@if8 to eth0@if12 to eth0@if16…I would definitely like to do it programmatically because these containers are going to be moved often away from the dhcp server on this specific subnet so I need it to be reproducible.

From → /etc/systemd/network/eth0.network

[Match]
Name=eth0
[Network]
DHCP=true
[DHCPv4]
UseDomains=true

From → /etc/network/interfaces

auto eth0
iface eth0 inet static
        address 192.168.1.6
        broadcast 192.168.1.255
        netmask 255.255.255.0
        gateway 192.168.1.1
        dns-nameservers 192.168.1.252

From → ‘ip a’

15: eth0@if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:16:3e:bd:f5:8e brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.1.226/24 metric 1024 brd 192.168.1.255 scope global dynamic eth0
       valid_lft 86080sec preferred_lft 86080sec
    inet6 fe80::216:3eff:febd:f58e/64 scope link
       valid_lft forever preferred_lft forever

mbyrd777 · October 23, 2023, 4:37pm

For those that run across this same issue, the fix with Debian 12 (systemd-networkd) is to use the file : /etc/systemd/network/eth0.network

Settings like below will work to programmatically set the IP address on an LXC container running on a host with an unmanaged bridge for Debian 12:

[Match]
Name=eth0

[Network]
DHCP=no
Address=192.168.1.6/24
Gateway=192.168.1.1
DNS=192.168.1.252

zaq11 · October 23, 2023, 6:27pm

sorry for the stupid question but is the file “/etc/systemd/network/eth0.network” being edited on the host or inside the container?

mbyrd777 · October 23, 2023, 6:49pm

Inside the container. The host of the containers isn’t managing the bridge at all so it’s just creating containers by default with a single network interface and a DHCP client enabled. The configuration I posted above is for inside the container and turns off the DHCP client of the container and enables the static IP address on the container.

Hope that clears it up

zaq11 · October 23, 2023, 7:15pm

it does. thank you.

just one more thing, before I saw this thread, I was originally going to post a question pertaining to my newly created containers not getting any IP address at all. would this also help with that or is my problem a separate issue?

mbyrd777 · October 24, 2023, 12:57pm

If they’re not getting any IP address at all on an interface that is bridged, and there is a DHCP server running on the subnet they’re bridged to, then there may be another issue stopping the DHCP requests getting out or the responses getting back to the interface.

If you configure the interface to use a static IP on the subnet your DHCP server is serving, and other addresses in the subnet are accessible after doing so, then perhaps the container isn’t enabling the DHCP client.