Differences between revisions 11 and 12
Revision 11 as of 2012-09-28 18:55:05
Size: 4175
Editor: ?BrettWuth
Revision 12 as of 2012-09-28 19:51:47
Size: 4251
Editor: ?BrettWuth
Deletions are marked like this. Additions are marked like this.
Line 14: Line 14:
Edit {{{/etc/network/interfaces}}} in this form: Edit the host's {{{/etc/network/interfaces}}} in this form:
Line 40: Line 40:

Restart networking:
/etc/init.d/networking restart

Translation(s): none

This page includes examples of a bridged or routed network provided by the host.

Alternatives to this network setup for containers can be found on the LXC main page.

Host device as bridge


  • persisted in host's /etc/network/interfaces

  • the container's veth virtual ethernet interface can share the network link on the physical interface of the host (eth0). So the container resides on the same ethernet segment and talks to the same dhcp server as the host does.

Edit the host's /etc/network/interfaces in this form:

# Comment out the following:
# The primary network interface
#allow-hotplug eth0
#iface eth0 inet dhcp

auto br0
iface br0 inet dhcp
        bridge_ports eth0
        bridge_fd 0
        bridge_maxwait 0

# uncomment the below and comment the above for static ip setup on the host
#iface br0 inet static
#       bridge_ports eth0
#       bridge_fd 0
#       address <host IP here, e.g.>
#       netmask
#       network <network IP here, e.g.>
#       broadcast <broadcast IP here, e.g.>
#       gateway <gateway IP address here, e.g.>
#       # dns-* options are implemented by the resolvconf package, if installed
#       dns-nameservers <name server IP address here, e.g.>
#       dns-search your.search.domain.here

Restart networking:

/etc/init.d/networking restart
  • The network section in the container's config may look like this

## Network
lxc.utsname = containershostname
lxc.network.type = veth
lxc.network.flags = up

# that's the interface defined above in host's interfaces file
lxc.network.link = br0

# name of network device inside the container,
# defaults to eth0, you could choose a name freely
lxc.network.name = lxcnet0 

lxc.network.hwaddr = 00:FF:AA:00:00:01

# the ip may be set to or skip this line
# if you like to use a dhcp client inside the container
lxc.network.ipv4 =
  • Completing the example above, the containers /etc/network/interfaces may look like this

auto lxcnet0
iface lxcnet0 inet dhcp
#iface lxcnet0 inet static
#       address <container IP here, e.g.>
#       all other settings like those for the host

Additonal bridge device instead of changing a host device to br0


  • setup manually with brctl
  • the container's veth virtual ethernet interface accesses the network via the bridge device created on the host. By default, the container is not visable from outside the host.

# script to setup a natted network for lxc guests

echo 1 > /proc/sys/net/ipv4/ip_forward
  • The containers /etc/network/interfaces is equal to the one proposed in "Host device as bridge"; if you don't put a dhcp server on the lxc-bridge-nat, the container should now use the static ip configuration

  • The containers config file now uses lxc-bridge-nat as link and another ip

lxc.network.link = lxc-bridge-nat
lxc.network.ipv4 =
  • The host can connect easily from his original network to the natted one
  • if you want to access a containers port (e.g. putting an apache inside a container) from outside the host, you have to forward that port from the host to the containers IP