LXC - Addition of NIC and Bridge

LXC
1

I have facing an issue in adding a second NIC in LXC. In my scenario LXC contains 2 x NICs, one is connected to WAN with public IP and other one is connected to LAN on private IP.

By default how the LXC reaches to internet, the lxcbr0 is not bridge to outside NIC or where can I validate it.

I am using Ubuntu 18.04

sudo iptables -t nat -nL
Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all – 10.0.3.0/24 !10.0.3.0/24

ip route show
default via 192.168.1.1 dev ens33 proto dhcp metric 100
10.0.3.0/24 dev lxcbr0 proto kernel scope link src 10.0.3.1
169.254.0.0/16 dev lxcbr0 scope link metric 1000
192.168.1.0/24 dev ens33 proto kernel scope link src 192.168.1.4 metric 100

2

How to configure the container to use the manually created bridge not the default one i.e. lxcbr0

3

Edit the container config, you’ll find a line that says lxcbr0, change that to whatever bridge you want.

4

You may also want to read the network keys section in man lxc.container.conf

5

Sure here, thank you Stephane.

cat /etc/lxc/default.conf
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx

I will create a bridge in netplan and map it to physical interface and call it here, but how do I know for which container it is, if I have multiple containers on same host.

6

Secondly for second interface if I need to change to addressing scheme do I need to edit the lxc-net file.

7

There should be configuration in /etc/default to control what subnet to have lxcbr0 use, but if you don’t use lxcbr0 then none of that matters.

You can put as many containers as you want (well, up to 1024) per bridge.