Setup public ip address from lan using a bridge

david34 · February 10, 2021, 12:13pm

lxd 4.11

i’m trying to setup a container with public ip using the bridge interface from lxd host
i’m using this article https://thomas-leister.de/en/lxd-use-public-interface/

now i have communication with the host but not to the public network
how to fix it ?
my lxd host is running on centos7.9

host settings:

cat /etc/sysconfig/network-scripts/ifcfg-br0

DEVICE=“br0”
TYPE=“Bridge”
BOOTPROTO=“none”
ONBOOT=“yes”
IPADDR=“10.10.10.151”
PREFIX=“24”
GATEWAY=“10.10.10.2”

lxc init images:centos/7/amd64 centos4 --profile=default --profile=extbridge

lxc profile show extbridge

config: {}
description: “”
devices:
eth0:
name: eth0
nictype: bridged
parent: br0
type: nic
name: extbridge
used_by:

/1.0/instances/centos4

container

david34 · February 12, 2021, 4:50am

in addition: the lxd host is runnig on kvm virtual machine
there are no connection issues on the baremetal server, but this issue exists on the kvm vm
has anyone faced such problem?

rutek · February 12, 2021, 4:56pm

Your provider might be filtering MAC addresses

tomp · February 15, 2021, 9:21am

Please can you describe a bit more about your ISP’s setup.

Firstly, have they allocated you a subnet of public IPs or just a single one?
Do they allow multiple MACs on your external interface?

I can already see some issues with the way you have eth0 and br0 configured (namely they are sharing the same subnet so routing is not going to work as you most likely want), but it would help to understand the external IP setup first before going further into local config.

david34 · February 16, 2021, 10:00am

hello

the “public ip” means the ip address of my lan
i need to able to connect to my lxd container from my lan using lan ip address in this container
in other words. i need to forward the address from the lan to the container

bodleytunes · February 16, 2021, 10:50am

br0 on the host needs bridging to a physical nic possibly? I can’t see where you have done that yet.
For traffic to be bridged out from the container through br0, it will need a physical port that is connected to your LAN to be bridged so l2 traffic and arp can pass transparently through your bridge to the containers.

One of your server ports that is the one connected to the network, probably will be soemthing like eth0, eno1, ens18 or something like that, not sure about CentOS as I’d rather throw myself off a bridge (pardon the pun!) than use it

bodleytunes · February 16, 2021, 10:57am

I’ve found some snippets of how to bridge with OVS in Centos if its of any help:

Bridge Br0 on host

 cat /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0
ONBOOT=yes
HOTPLUG=no
NM_CONTROLLED=no
PEERDNS=no
DEVICETYPE=ovs
TYPE=OVSBridge
MTU=1500
BOOTPROTO=static
IPADDR=100.0.0.101
NETMASK=255.255.255.0

Member adapter - eth1

cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
ONBOOT=yes
HOTPLUG=no
NM_CONTROLLED=no
PEERDNS=no
DEVICETYPE=ovs
TYPE=OVSPort
OVS_BRIDGE=br0
BOOTPROTO=none
MTU=1500

david34 · March 16, 2021, 12:54pm

sorry for late reply
we have oVirt4 and there is a default network filter on the vnic which is preventing any mac, except for the configured vm mac
i chose not to use a network filter and it worked for me