Linux Containers (LXC) : Setting External Network For Containers
Last updated on OCTOBER 10, 2016
Applies to:Linux OS - Version Oracle Linux 7.2 with Unbreakable Enterprise Kerne [3.8.13] and later
The objective of the document is on how to setup LXC container which can connect to external networks. There are multiple network modes that can be used in setting up LXC.
By default, the lxc-oracle template script sets up networking by setting up a veth bridge. In this mode, a container obtains its IP address from the dnsmasq server that libvirtd runs on the private virtual bridge network (virbr0) between the container and the host. The host allows a container to connect to the rest of the network by using NAT rules in iptables, but these rules do not allow incoming connections to the container. Both the host and other containers on the veth bridge have network access to the container via the bridge.
If you want to allow network connections from outside the host to be able to connect to the container, the container needs to have an IP address on the same network as the host. One way to achieve this configuration is to use a macvlan bridge to create an independent logical network for the container.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms