Configuring the network / public IP for the container

yang1 · January 1, 2024, 9:23pm

I would like to configure the network for the container (guest) system.

My host system uses a public IPv4 IP address 77.14.7.42/26 , subnet 255.255.255.192.
I would like to assign a new public IPv4 address to container (guest), which is 77.14.7.22/26, subnet 255.255.255.192.

If I type it in, inside the container, then I am unable to ping from the container or to the container IP.
If I assign it on the host, the IP becomes pingable (but I want this IP to be in container).

The configuration files for the container are such (on host):

—> # cat /etc/lxc/default.conf
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
lxc.net.0.hwaddr = 00:16:3e:c8:e5:e3

lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1

—> # cat /etc/lxc/lxc-usernet
lxcuser veth lxcbr0 10

—> # cat /var/lib/lxc/vps1/config

Template used to create this container: /usr/share/lxc/templates/lxc-download
Parameters passed to the template:
For additional config options, please look at lxc.container.conf(5)
Uncomment the following line to support nesting containers:
(Be aware this has security implications)
LXC.include = /usr/share/lxc/config/nesting.conf

Distribution configuration

lxc.include = /usr/share/lxc/config/common.conf
lxc.arch = linux64

Container specific configuration

lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
lxc.rootfs.path = dir:/var/lib/lxc/vps1/rootfs
lxc.uts.name = vps1

Network configuration

lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
lxc.net.0.hwaddr = 00:16:3e:c8:e5:e3

—> # ifconfig (host)

lxcbr0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.3.1 netmask 255.255.255.0 broadcast 10.0.3.255

virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255

vethv6SL9o: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

stgraber · January 2, 2024, 2:09am

Easiest would probably be to put a static route on your host for that IP, so something like ip route add 77.14.7.22/32 via 10.0.3.X where 10.0.3.X is the IP the container got over DHCP.

Then you’ll need to add 77.14.7.22/32 as an IP address in the container’s network configuration, this depends on the distro and release used inside the container, though for testing you can do it manually with something like ip -4 address add dev lo 77.14.7.22/32

yang1 · January 3, 2024, 2:27am

Hello @stgraber ,

I tried to apply your settings, but wasn’t successfull in getting the network working in container. Maybe the firewall is causing some issues I don’t know. I was told to try to implement these network settings on host (what do you think) ? The machine host is Debian Linux.

https://paste.debian.net/hidden/71b5e27b/

interfaces file, which doesn’t work (on reboot the IPv4 is not assigned)

source /etc/network/interfaces.d/*

The loopback network interface

auto lo
iface lo inet loopback

Ethernet interface

auto enp0s31f6
iface enp0s31f6 inet manual

Virtual bridge interface for libvirt (virbr0)

auto virbr0
iface virbr0 inet manual

Bridge containing enp0s31f6 and virbr0

auto br0
iface br0 inet static
address 77.14.7.42
netmask 255.255.255.192
gateway 77.14.7.1
dns-nameservers 8.8.8.8 8.8.4.4
bridge_ports enp0s31f6 virbr0
bridge_stp off
bridge_fd 0
bridge_maxwait 0

IPv6

iface enp0s31f6 inet6 static
address 2a01:352:a9b:530::2
netmask 64
gateway fe80::1

yang1 · January 5, 2024, 7:40pm

I am interested if the ‘/etc/network/interfaces’ file on Debian is formatted/syntaxed properly, in order to match my setttings in first post?

yang1 · January 7, 2024, 12:16am

Solved.

jarrodu · January 7, 2024, 7:31am

What was the solution?

yang1 · January 7, 2024, 12:36pm

https://paste.debian.net/1303344/

interfaces settings on host

The loopback network interface

auto lo
iface lo inet loopback

Virtual bridge interface for libvirt (virbr0)

auto virbr0
iface virbr0 inet static
hwaddress ether ab:cd:ef:c2:8e:5e
bridge_ports enp0s31f6
bridge_stp off
bridge_fd 0
bridge_maxwait 0
address 77.14.7.42
netmask 255.255.255.192
gateway 77.14.7.1
dns-nameservers 8.8.8.8 8.8.4.4
# route 77.14.7.0/26 via 77.14.7.1
up route add -net 77.14.7.0 netmask 255.255.255.192 gw 77.14.7.1
pre-up ip link add virbr0 type bridge
pre-up ip link set virbr0 up

IPv6

iface virbr0 inet6 static
address 2a01:352:a9b:530::2
netmask 64
gateway fe80::1

interfaces settings in a guest (container)

https://paste.debian.net/1303345/

auto eth0
iface eth0 inet static
address 77.14.7.22
netmask 255.255.255.192
gateway 77.14.7.1

route 77.14.7.0/26 via 77.14.7.1

up route add -net 77.14.7.0 netmask 255.255.255.192 gw 77.14.7.1 dev eth0