How to limit DHCP range for LXD bridge

jose-delarosa · September 18, 2019, 5:32pm

Hello,

When I initialize LXD (“lxd init”) I defined the network 10.0.8.1/24 for lxdbr0, but I want to change the DHCP range from 10.0.8.2-10.0.8.254 to 10.0.8.2-10.0.8.200. I know this is managed by dnsmasq…can I use brctl or is there another tool?

$ ps -ef | grep lxdbr0
[output formatted for readability]

dnsmasq --strict-order --bind-interfaces
  --pid-file=/var/snap/lxd/common/lxd/networks/lxdbr0/dnsmasq.pid
  --except-interface=lo --no-ping
  --interface=lxdbr0
  --quiet-dhcp --quiet-dhcp6 --quiet-ra
  --listen-address=10.0.8.1
  --dhcp-no-override
  --dhcp-authoritative
  --dhcp-leasefile=/var/snap/lxd/common/lxd/networks/lxdbr0/dnsmasq.leases
  --dhcp-hostsfile=/var/snap/lxd/common/lxd/networks/lxdbr0/dnsmasq.hosts
  --dhcp-range 10.0.8.2,10.0.8.254,1h      <---- WHERE/HOW TO EDIT THIS? Want to limit DHCP range to 10.0.8.2-10.0.8.200
  -s lxd -S /lxd/
  --conf-file=/var/snap/lxd/common/lxd/networks/lxdbr0/dnsmasq.raw
  -u lxd

Thank you,

gpatel-fr · September 18, 2019, 6:27pm

Using
lxc network edit lxdbr0
and adding a ipv4.dhcp.ranges key should do the trick, as per this doc or this one
What the docs in either version don’t say is what happens when you have already existing containers with IP address outside of the new range. I’d try to avoid it to stay on the safe side.

jose-delarosa · September 18, 2019, 6:50pm

@gpatel-fr You are absolutely right, that is the answer. Here is the command:

lxc network set lxdbr0 ipv4.dhcp.ranges 10.0.8.2-10.0.8.200

I have a bunch of containers already running that have IP addresses above 200 and their IPs have not yet changed… I suppose they will after I restart them, though I don’t know how that is going to impact the applications I have running on them.

Thank you for your reply.

gpatel-fr · September 18, 2019, 8:13pm

Maybe. Or not. FYI, the leases are under
/var/snap/lxd/common/lxd/networks/lxdbr0
for SNAP lxd. If containers don’t want to change IPs, you could try to stop them, delete the container entries, and restart them.

jose-delarosa · September 18, 2019, 9:42pm

The LXD containers grabbed a new IP address in the specified range when the DHCP lease was up, which is set to 1 hour by default (no need to restart any services). Everything appears to be OK, including the application (OpenStack) running inside the containers.

Thanks again.