Equivalent of Docker --net=host in LXD container?

Hi, I am switching several of my Docker containers over to LXD but am having some trouble with the container being on a separate subnet.

In short, Syncthing uses the link-local-broadcast address (255.255.255.255) for automating discovery of other Syncthing instances, which makes connecting them easy. In this same container I also have a connection outgoing to another container which is an MQTT broker for notifications, among other controls.

Should I use a bridge? Or is there a way to pass the host network into the container, similar to Docker's --net=host?

You could use a macvlan network device on the same network as your host.

LXD will not let you share network namespace with the host for security reasons, but this may work for your described case.

The issue with macvlan is that I can’t connect to the host for the MQTT broker.

Which is the preferred way to add the ability to connect to the host (other containers): add another network to the guest (eth0 as macvlan, eth1 as lxdbr0), or create a bridge on the host and change eth0 to bridge?

That makes a lot of sense security-wise.

So if reconfiguring your host is an option, making a br0 bridge that includes the host’s physical NIC, then using that for your container, is certainly the best option. Your container and host will then be able to reach each other and communicate directly on the same physical network.

Thank you for the quick response! This solved my issue.

Hi @stgraber @dleg I tried to decrypt:

making a br0 bridge that includes the host’s physical nic, then using that for your container is certainly the best option

Yet I struggle to understand how to create this br0 bridge with lxd network create br0 -t bridge ... commands.

I went through the docs and the only option I could interpret as adding physical host devices would be: bridge.external_interfaces

Would you be able to detail the steps? Or did I misinterpret it and should I use a brctl (bridge-utils) command to achieve this?

That wouldn’t be done through LXD.
You’d do the br0 and host IP config setup through netplan (if Ubuntu) or similar tools.

Once your machine boots properly and has working connectivity through a br0 bridge defined in there, you can have LXD easily consume that.
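
The two steps described in the last reply, sketched as a shell script (an added example, not part of the original thread): netplan moves the host's IP configuration onto br0, then the container's eth0 is attached to it as a bridged NIC, so the container joins the LAN while keeping its own network namespace. The NIC name enp3s0, DHCP addressing, the file name 01-br0.yaml and the container name are assumptions.

```shell
#!/bin/sh
# Added illustration. Assumed values: NIC name, DHCP on the LAN,
# the netplan file name, and the container name.

# Print a netplan definition that enslaves the physical NIC to br0 and
# moves the host's IP configuration onto the bridge. $1 = physical NIC.
render_br0_netplan() {
    nic=$1
    # Accept only plain interface names so the value cannot alter the YAML.
    case $nic in
        ''|*[!A-Za-z0-9_.-]*)
            echo "invalid interface name: $nic" >&2
            return 1 ;;
    esac
    cat <<EOF
network:
  version: 2
  ethernets:
    $nic:
      dhcp4: false
  bridges:
    br0:
      interfaces: [$nic]
      dhcp4: true
EOF
}

# Step 1 (host, as root): install the config and apply it.
# "netplan try" rolls back unless confirmed, which protects a remote session.
# Any existing netplan file that configures the same NIC must be removed first.
setup_host_bridge() {
    yaml=$(render_br0_netplan "$1") || return 1
    printf '%s\n' "$yaml" > /etc/netplan/01-br0.yaml
    chmod 600 /etc/netplan/01-br0.yaml
    netplan try
}

# Step 2: once the host has connectivity through br0, attach the
# container's eth0 to it. $1 = container name.
attach_container_to_br0() {
    lxc config device add "$1" eth0 nic nictype=bridged parent=br0 name=eth0
}

# Example invocation (not run automatically):
#   setup_host_bridge enp3s0 && attach_container_to_br0 syncthing
```

After step 2 the container receives its address from the LAN's DHCP server rather than from lxdbr0, so any firewall rules that relied on the lxdbr0 subnet need to be reviewed.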