How to enable website display from different subnet lxc container


I have a question.

I just installed lxd version 3.0.3 on my master host. My master host ip address is

Inside this master host I’ve deployed a lxc container CentOS 8.

So my container centos8 is on ip address (eth0).

I have installed httpd on container centos 8. I have not done any website yet. I just want the apache main page to display out.

My question is how can i get the website to display from my laptop / pc that I’m sitting now on ip address

I wish to test just for port 80 and no need port 443 yet.

Previously I have no issues on using macvlan or getting same IP same subnet from the local LAN IP, now I’m trying on different stuff. This idea may be wrong but I’m not sure and unable to get more info.

Can someone help me? Thanks.


You need to expose the web server port of the container to your local LAN. By doing so, other computers on your LAN would connect using the IP address of the lxd host and a port of your choosing (for example, 80, if it is not used already by the host).

See more at

1 Like

Hi @simos

The LXD proxy documentation certainly makes it work, I follow the steps and it is working good. Can I ask if I could also do this below on one of the steps related to this lxd proxy.

lxc config device add newcentos8 newcentos8port80 proxy listen=tcp: connect=tcp:

Can I do this below?
lxc config device add newcentos8 newcentos8port80 proxy listen=tcp: connect=tcp:

The reason for IP was because I am sitting on another computer running on LAN IP address which is and from the browser I launch I type or nothing works.

The computer I’m sitting is on same LAN IP range with the master host of this LXD which is IP address

Thank you.

Hi @simos

It’s ok i’ve manage to get it working. I’ve also read somewhere and try using linux command from the host called “redir” which is a package to do redirection of TCP port. It is working as well.

I wish to ask let say in one master host I have more than 1 containers all wanted to expose to web port 80 & 443 and since I understand using “localhost” does not work and instead relying on IP address of each containers, how can we best allow this to work on using LXD?


While “localhost” does not work, you can use instead. The reason for not accepting localhost is that a malicious container could define localhost to be a another’s container IP address and therefore trick lxd in exposing another container.

You would want to use instead of the container’s IP address just for simplicity. It is easier to manage the commands if you do not need to keep track of whichever IP address was given to the container. Assumes that the web server binds to localhost. But if you insist on using the container’s IP address, you are free to use it.

When you use, LXD knows that it refers to the of that particular container because you specify the container by name.

If you have more than one container with web servers and you want to expose all to port 80 on the host, then you need to use a reverse proxy and also setup hostnames. Or, instead use a different port for each container.

All these are required when each container is on a private bridge. Instead with macvlan, each container is already on the LAN and no proxy device is required.

Hi @simos

Yes it can be done on different port define for each container. As you mention using reverse proxy and setup hostname, how can this be done? Can share more info?


Have a look at this tutorial on how to setup a reverse proxy with nginx,

Hi @simos

So happened I just googling around and found the same. Will go through this tutorial and thanks for the pointers. Cheers!