I see. I suppose in theory it can be done. You’d need to make sure that the DHCP server is giving out the external network’s IP for the gateway and not the VMware VM’s IP.
But you’ll also need to make sure that the VMware VM’s ethernet interface is bridged onto the host’s external network, and check that there is no MAC filtering enabled in VMware.
Once that has occurred, it will then expose your DHCP server onto the external network but this will then start giving IPs from the DHCP server to other devices on your network. If there is already a DHCP server on the external network then you will get conflicts.
Even if this didn’t happen, how would you prevent two independent DHCP servers from giving out conflicting addresses?
A simpler approach in my view would be to keep the LXD private bridge lxdbr0 and its DHCP server on a different subnet, and then set up a route in your external router/gateway that routes that additional subnet to the VMware VM’s IP.
Gotcha. If I just used the built-in lxdbr0 bridge and currently it’s assigning IPs in the 10.209.x range, would I need to do anything to expose that? Or just do a route for that subnet on the router/gateway to that IP? This assumes the host is on a totally different subnet.
Let’s say the external gateway is on 10.0.0.1/24, the VMware host is on 10.0.0.2/24 and the LXD VM’s interface to the host is on 10.0.0.3/24 (I’m assuming you’ve bridged your VM onto the external network).
Then you would put a route on the gateway that routes 10.209.0/24 to 10.0.0.3.
Then make sure you allow that traffic through the VMware host’s external interface, and into the LXD VM’s interface, and make sure you allow the traffic through any firewall running on the LXD VM host.
Please show output of ip a and ip r on LXD host, and indicate the network config you’re using to get connectivity from the VMware host into the LXD host.
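The routed setup described above, as an added example that is not part of the original posts: it checks that the plan is consistent (the lxdbr0 subnet must not overlap the external one, and the next hop must be on-link for the gateway) and shows, by longest-prefix match, where the gateway sends container traffic before and after the static route is added. It assumes the lxdbr0 subnet is written out as 10.209.0.0/24 and uses 192.0.2.1 as a placeholder upstream next hop; the function names are hypothetical.

```python
import ipaddress

def check_plan(external_net, next_hop, container_net):
    """Return a list of problems with the static-route plan (empty list = consistent)."""
    ext = ipaddress.ip_network(external_net)
    ctr = ipaddress.ip_network(container_net)
    problems = []
    if ext.overlaps(ctr):
        problems.append("container subnet overlaps the external subnet")
    if ipaddress.ip_address(next_hop) not in ext:
        problems.append("next hop is not on-link for the gateway")
    return problems

def lookup(routes, dest):
    """Longest-prefix match. routes: list of (prefix, next_hop); next_hop None = on-link."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, hop in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    if best is None:
        return None
    return best[1] or "on-link"

# Constructed sample data. 10.209.0.0/24 is an assumed spelling of the lxdbr0
# subnet; 192.0.2.1 is a placeholder for the gateway's upstream next hop.
EXTERNAL, LXD_HOST, LXDBR0 = "10.0.0.0/24", "10.0.0.3", "10.209.0.0/24"
GATEWAY_BEFORE = [("0.0.0.0/0", "192.0.2.1"), (EXTERNAL, None)]
GATEWAY_AFTER = GATEWAY_BEFORE + [(LXDBR0, LXD_HOST)]

if __name__ == "__main__":
    print("plan problems:", check_plan(EXTERNAL, LXD_HOST, LXDBR0))
    for name, table in (("before", GATEWAY_BEFORE), ("after", GATEWAY_AFTER)):
        print(name, "-> container 10.209.0.15 via", lookup(table, "10.209.0.15"))
```

Without the static route the gateway hands container-bound packets to its default route, which is why a container can hold a valid address and still be unreachable from the wider network.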
This may not work in our current setup. So this leaves two options:
Expose the LXC server as a DHCP server on the subnet so the containers can get DHCP addresses for a valid subnet. Downside is that it will be a DHCP server for that entire subnet. Could firewall rules get around that?
Got the external DHCP server set up. The container gets an IP from it. But, I still can’t access that IP on the broader network even though it’s a valid routable IP. The LXC host has a bridged adapter hooked up to a vNIC on the VM host that has MAC filtering disabled. The iptables firewall is also disabled on the LXC host. What else could I be missing?