Simple bridge from lxd to hosts private network, with static IP

Hello - I’m sorry, this is quite simple, but I can’t quite get the answer from the docs or this forum.

I have latest version of lxd as of today. The host is a raspberry pi running Debian 10.12. It has a static IP on my local private network. All I want to do is run an lxd on this host, running the latest Ubuntu, with a static IP on the same private network as my host - i.e. to the rest of the network my lxd looks just like a server on the network, accessible via its static IP. I don’t need anything else, like dhcp or NAT.

Thanks in advance

You’ve got 2 options for connecting instances to an external network:

  1. Setup an unmanaged bridge (Debian BridgeNetworkConnections - Debian Wiki, Ubuntu Netplan | Backend-agnostic network configuration in YAML) e.g. br0. Connect your current external interface to it, and move your external interface’s IP config onto the bridge interface. Then use a LXD bridged NIC device on your instances to connect to the unmanaged bridge. E.g. lxc config device add c1 eth0 nic nictype=bridged parent=br0.
  2. Use a LXD macvlan NIC device to connect directly to the external interface. E.g lxc config device add c1 eth0 nic nictype=macvlan parent=enp3s0. Note: With macvlan NICs the LXD host and the instance will not be able to communicate with each other. The Instance will only be able to communicate with other hosts on the network. It will also not be able to use multiple MAC addresses.

Then inside the instance, configure the static IP in the network configuration files like a normal machine or let it use auto configuration (DHCP) from the external network.

1 Like

Many thanks for this. I’m trying to do 1) and having loads of trouble. Raspberry Pi OS now uses dhcpcd.conf for (as far as I can tell) all networking, and that doesn’t appear to support setting up a bridge. I’ve tried various things such as doing the bridge interfaces.d, doing the bridge using brctl and adding eth0 to it. I’ve tried doing a static IP for the bridge in dhcpcd.conf. Everything I do results in my ssh session to the box freezing after 5-10 seconds and me needing to reboot (brctl commands don’t survive reboot)

One other thing - when you say move my external interface IP config onto the bridge. do you mean move my static IP from eth0 to br0 (which I can do in dhcpcd.conf) And what config does eth0 then get?

There are solutions like

but there are problems there too. If you use /etc/network/interfaces it gets ignored. If you use interfaces.d that seems to work, but then there are warning signs everywhere about only using dhcpcd.conf. In this case you have not set static ip anywhere and you have told dhcpcd to ignore eth0, so eth0 gets neither dhcp or static.

I can’t believe it’s so difficult to create a simple bridge on the host.

These 2 statements are related. As soon as you connect the external interface to the bridge, its IP settings will cease to work, and the bridge interface will take over as the host-side interface. That means if you have no IP config on the bridge interface at that time and you are doing it remotely you will get disconnected.

This is why macvlan is somewhat easier as it doesn’t require messing with the external interface itself.

1 Like

If you’re not comfortable/familiar with your OS’s networking configuration systems (and I can say I am not familiar at all with how RPI configures networking), then you could also try routed NIC type. This requires using a manual static IP on the parent network (no DHCP) and manual configuration of DNS settings inside the instance. However it also achieves the result of getting an IP from the external network directly routed into the instance. This time without messing with the external network and still allow host<->instance communication.

See How to get LXD containers get IP from the LAN with routed network

1 Like

Hey, it all works now - it was your comment about moving the IP config that triggered it. I also found out how to do persistent bridge on a raspberry pi, and then you tell dhcpcd.conf to ignore eth0 and configure a static IP for br0. Then, as you said, everything goes through br0.

Then lxd init asked me the right questions about the host bridge and host network, and configured itself to come up with an IP from dhcp on my router. Which I then reserved so I won’t even bother to set up static.

Maybe I shouldn’t mention, but I want to put a VPN on the container now, but that’s just routing and dns, right :wink:

Many thanks for your kind, prompt and detailed replies. I’ve learnt some stuff.

1 Like