I came to you to seek help, maybe clear some things up... You must agree with me, networking is not that easy to grasp!
todays topic: Having a LXC router running on the host machine, doing same job as host machine running as router would do.
Some insight into my current setup:
My PC has two network cards, lets call them eth0 and eth1. eth0 is connected to the router provided by my ISP, it's on the rooftop. eth1 is connected to a router, witch is in bridged mode. There is also a DHCP server running, serving eth1 for the clients connecting. Set up with iptables and fowarding on.
This works good, not 100% due to some DHCP server issues but it works.Now I'd like to take this to a next level.
Goals:
- having a router in LXC container, LXC will probably have its network card connected to eth0 and eth1 via bridge
- having a separate LAN, something like 10.0.1.255, probably also on eth0 with NAT routing and another bridge(there would be other LXC containers)
Now keep in mind, that I'm a little bit new to this topic, but I can do it if pointed to the right direction but this is to high math right now.
So, lets say my hosts eth0 would have an IP of 192.168.0.1 with a lan cable connected to the rooftop router(0.254). There would be an LXC router running on the host, witch would have an IP of 192.168.0.2 and 192.168.1.2(Assuming the host would have 192.168.1.1 on eth1[internal port]). The internal network have a range 192.168.1.1/24 and for a device to reach internet it'd have to go like: device --> LXC router(192.168.1.2) --> LXC external port 192.168.0.2 --> 192.168.0.254(My ISP router has that IP.) If I'd like to connect to host(ssh, web or smth else) it would go from LXC external(192.16.0.2) --> 192.168.0.1(host)
There are two problems:
- If I set up a bridge on eth0 or eth1 in the current setup, I can not access internet
- There would probably need to be a point to point routing set up between the rooftop router and LXC, since everything would arrive on hosts eth0??
I assume that the router would need to have two bridges, one for the internal network and one for the external.
The other, isolated network with range 10.0.1.1/24, is probably set up the same way so I suppose if I get through the above problem, I can set it up with ease.
Question, is this setup possible? How hard is it? What steps should I take to get it running in "stable" mode?
I appreciate any help and sorry if I wasn't specific enough, I will be active in this topic!
