MacVlan + Ubuntu 16.04LTS + LXD 2.0.11-0 No DHCP?

Just deployed LXD onto my Ubuntu base OS and I’d like to be able to effectively have the containers pick up an IP via DHCP directly on the host’s network interface.

e.g. similar to “bridging” a VM to a host’s ethernet port or wifi card

I’ve set up a profile with the following content:

rich@badoomboom:~$ lxc profile show wlan-bridged
config: {}
description: testing
devices:
  eth0:
    name: eth0
    nictype: macvlan
    parent: wlp3s0
    type: nic
name: wlan-bridged
used_by: []

And followed that up with applying it to a container when launched.
lxc launch containername --profile=wlan-bridged

The lxc info containername gives the profile as having been attached, but the host is unable to get an IP address via DHCP and sees no other hosts. Been round and round in circles and now at the point of pulling my hair out. Any ideas?

I’ve read some posts on here, but they all seem to be solved using fixes that just don’t apply or do things I don’t want to do such as “didn’t use macvlan in the end” or “it was KVM blocking it”.

Cheers!

Hi!

It looks like you are trying to create a macvlan over a WiFi interface.
The issue is that the WiFi router expects and allows only one MAC address to come from your computer, and it’s the MAC address that your wireless interface associated with, with the access point.
If you can set this up with an ethernet interface, it should work fine.
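A pre-flight check for the situation this reply describes, as an added example that is not part of the original thread or of LXD: it reads `lxc profile show` output and flags macvlan NICs whose parent is a Wi-Fi interface. The function names and the `SYSFS_NET` override are hypothetical, and the demo runs on constructed data (the profile from the question and a fake sysfs tree).

```shell
#!/bin/sh
# Added example, not LXD code. SYSFS_NET is an assumed override used for testing.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# Read `lxc profile show` YAML on stdin; print the parent of each macvlan nic.
macvlan_parents() {
    awk '
        function emit() {
            if (nictype == "macvlan" && parent != "") print parent
            nictype = ""; parent = ""
        }
        /^devices:/               { in_dev = 1; next }
        /^[^ ]/                   { emit(); in_dev = 0 }   # next top-level key
        in_dev && /^  [^ ]/       { emit() }               # next device entry
        in_dev && /^    nictype:/ { nictype = $2 }
        in_dev && /^    parent:/  { parent = $2 }
        END                       { emit() }
    '
}

# Wi-Fi interfaces expose a wireless/ directory or a phy80211 link in sysfs.
is_wireless() {
    [ -d "$SYSFS_NET/$1/wireless" ] || [ -e "$SYSFS_NET/$1/phy80211" ]
}

# Return 1 and name the interface if any macvlan parent is a Wi-Fi interface.
check_profile() {
    rc=0
    for parent in $(macvlan_parents); do
        if is_wireless "$parent"; then
            echo "macvlan parent $parent is Wi-Fi: the AP only accepts frames from the associated MAC"
            rc=1
        fi
    done
    return "$rc"
}

# Demo on constructed data: the devices section from the question, fake sysfs.
demo() {
    SYSFS_NET=$(mktemp -d) && mkdir -p "$SYSFS_NET/wlp3s0/wireless"
    check_profile <<'EOF' || echo "wlan-bridged: expect no DHCP lease in the container"
devices:
  eth0:
    nictype: macvlan
    parent: wlp3s0
    type: nic
EOF
    rm -rf "$SYSFS_NET"; SYSFS_NET=/sys/class/net
}
demo
```

On a real host, drop the `demo` call and run `lxc profile show wlan-bridged | check_profile` before launching containers with the profile.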

Thank you for replying, that’s an interesting view that I’m not totally convinced of.

  1. VirtualBox (and VMware for that matter) work fine with “bridged” network connectivity and my router. In all cases they present multiple MAC addresses to my WiFi router at the same time the host is connected. I was led to believe macvlan would also do the same, if that is the case this should work.

  2. The router genuinely cannot see anything but Layer 2 when it comes to address resolution. It has no ability to discern what machine is behind the multiple MAC addresses on my network until I have established at least IP.

  3. There is no mac filtering, port security or otherwise on my network.

I want the ability to decide to present many external interfaces, be they WiFi cards, USB Ethernet adapters, 3G modems or the host’s own network interfaces, at will, directly to my containers.

If there is an alternate way of doing this in a flexible manner (some interfaces won’t always exist, etc) I would be open to ideas.

Given the popularity of Docker in the security conference circuit, I can’t believe that the lack of functionality I’ve experienced so far is the intended mode of operation or my peers would have sacked in containerisation as a solution long ago.

I’m more than happy to provide logs, command output, etc.

See https://github.com/lxc/lxd/issues/2000


Damn, that’s a much more raw level of connectivity than I originally thought macvlan had. I had no idea it had access to the raw frames and as such needs to be associated itself with the access point. Well, I stand absolutely and utterly corrected. Thank you for your patience and assistance.