System bridges to LXD bridges

pulsarr · July 17, 2022, 12:02pm

Hello,

I have always used interfaces configured via ifupdown as LXD interfaces and now I am discovering LXD managed bridges. However, I can’t figure out how they work.

My system bridges:

pulsarr@thaumas:~$ cat /etc/network/interfaces.d/3-lxdbr0.network 
# Ansible managed

auto lxdbr0
allow-hotplug lxdbr0

iface lxdbr0 inet static
  address 192.168.1.6
  netmask 24
  gateway 192.168.1.254
  dns-nameservers 192.168.1.32 80.67.169.12 80.67.169.40
  bridge_ports eth0
  bridge_hw 00:1e:06:48:12:41
  bridge_stp off
  bridge_fd 0


pulsarr@thaumas:~$ cat /etc/network/interfaces.d/5-lxdbr50.network 
# Ansible managed

auto lxdbr50
allow-hotplug lxdbr50

iface lxdbr50 inet manual
bridge_ports eth0.50
  bridge_hw 00:1e:06:48:12:41
  bridge_stp off
  bridge_fd 0

Is it possible to do the same thing with managed bridges? The idea is to benefit, at least on lxdbr50, from DHCP and DNSmasq.

Thank you in advance for your response.

stgraber · July 17, 2022, 2:21pm

You can’t do something like your lxdbr0 through LXD and in general such bridges which provide host connectivity are best done through ifupdown.

However, for a bridge like your lxdbr50, that definitely can be done (and probably should be done) through LXD.

lxc network create lxdbr50 would give you a similar bridge with DHCP, DNS and IPv4/IPv6 subnets. You can turn off IPv4 or IPv6 (or both) by setting ipv4.address or ipv6.address to none.

pulsarr · July 17, 2022, 2:43pm

I understand about lxdbr0, so I continue with ifupdown for him.
About lxdbr50, how can I set eth0.50 as “bridge_port” on LXD bridge ? My LXD subnet is on VLAN50.

stgraber · July 17, 2022, 2:51pm

You can set bridge.external_interfaces to eth0.50 however, you’ll need that interface to exist ahead of time, so will need to define it as a VLAN in your ifupdown config.

pulsarr · July 17, 2022, 3:15pm

I must have missed something:

pulsarr@infra-odroidc4-neree:~$ lxc network set lxdbr50 bridge.external_interfaces=eth0.50
Error: Config key "bridge.external_interfaces" is cluster member specific

My configuration:

pulsarr@infra-odroidc4-neree:~$ lxc network show lxdbr50
config:
  dns.domain: gaia.ykn.local
  ipv4.address: 192.168.50.254/24
  ipv6.address: fd00:ff50::d254/115
description: ""
name: lxdbr50
type: bridge
used_by:
- /1.0/instances/infra-ansible-2143
- /1.0/instances/infra-bastion-2141
- /1.0/instances/infra-bastion-2225
- /1.0/instances/infra-chc-2210
- /1.0/instances/infra-rproxy-2223
- /1.0/profiles/default
managed: true
status: Created
locations:
- neree

stgraber · July 17, 2022, 3:19pm

You seem to have clustering enabled for some reason.
In this case, you’ll need lxc network set lxdbr50 bridge.external_interfaces=eth0.50 --target neree

tomp · July 18, 2022, 8:25am

There’s some more info about LXD managed bridges here too: