Hello guys,
Firstly i must thanks to you for your work in LXD/LXC, its perfect “solution” 
for many areas and i likely using it. I hope in near time will contribute to this project because its awesome.
Also i came for discussion about networking/design with LXD instances and firewall (ufw), im not very familiar with networking but i have small background…
I have host/server with 3 containers (Samba, Wireguard and PiHole), where:
Wireguard:
has access from/to
Samba, WAN network
has not access from/to
LAN
Samba:
has access from/to
Wireguard, LAN network
has not access from/to
WAN
PiHole:
has access from/to
LAN
also, works as DHCP
Please, which design is the best/balanced (in cost of complexity), can you describe, post snippet of design? From my point of view/knowledge i may use:
- Containers may have access to WAN for SW updates (apt/apk)
- VLANs (i must read about it)
- lxdbr0 - firewalling with (nftables/ufw)
- … ?
Thanks
M.