Running Bitcoin in LXC


I’m running Ubuntu 20.04 as a host with a Ubuntu 20.04 container inside and I’ve installed bitcoind/bitcoin-cli inside. Now when I run bitcoin an see the bitcoin debug-log I can see that none of the peers seem to be able to talk to bitcoin (it looks like they can’t reply and they timeout)

2022-07-06 12:04:25 trying connection lastseen=81.6hrs
2022-07-06 12:04:26 trying connection lastseen=432530.3hrs
2022-07-06 12:04:27 CMasternodeSync::Process() - tick 281 RequestedMasternodeAssets 1
2022-07-06 12:04:30 connection to timeout
2022-07-06 12:04:31 connection to timeout

I can’t find any questions online related to this (bitcoin.stackechange, dash forum, google).

I have found that each git repository for most crypto coins contains a gitian-build which always has this same section (copied from each other with no change)

Then set up LXC and the rest with the following, which is a complex jumble of settings and workarounds:

# the version of lxc-start in Debian needs to run as root, so make sure
# that the build script can execute it without providing a password
echo "%sudo ALL=NOPASSWD: /usr/bin/lxc-start" > /etc/sudoers.d/gitian-lxc
echo "%sudo ALL=NOPASSWD: /usr/bin/lxc-execute" >> /etc/sudoers.d/gitian-lxc
# make /etc/rc.local script that sets up bridge between guest and host
echo '#!/bin/sh -e' > /etc/rc.local
echo 'brctl addbr br0' >> /etc/rc.local
echo 'ifconfig br0 up' >> /etc/rc.local
echo 'iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE' >> /etc/rc.local
echo 'echo 1 > /proc/sys/net/ipv4/ip_forward' >> /etc/rc.local
echo 'exit 0' >> /etc/rc.local
# make sure that USE_LXC is always set when logging in as debian,
# and configure LXC IP addresses
echo 'export USE_LXC=1' >> /home/debian/.profile
echo 'export GITIAN_HOST_IP=' >> /home/debian/.profile
echo 'export LXC_GUEST_IP=' >> /home/debian/.profile

I notice that bridge-utils might be installed on the containers host and that it looks like a bridge is made to the host(?), then it looks like the containers local ip is connected “up” through the bridge(?), then this is allowed by iptables(?). I’m guessing btw. As for the exporting of ips after (are these ips special networking reserved numbers or suppose to be changed to whatever LXC generates?) I am not sure what is going on there (I’m also not a Debian user). Is there a modern (LXC/LXD) way to allow peers to peer?

I’m assuming it might be something like:

nano /proc/sys/net/ipv4/ip_forward
#write this in the file
brctl addbr br0
ifconfig br0 <container_ip>/24 up #why 24?
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE #is this syntax for debian?

As this is all guessing can I please have some guidance?

Thank you