How to configure NAT with LXC containers in SLES?

Question

We are trying to configure NAT and Bridge with LXC container inside the SLES 11.3 . We are getting error unable to start the conatiner

Following is the screen dump. br0 is the external network and br1 is the internal network

 brctl show

bridge name     bridge id               STP enabled     interfaces
br0             8000.001ec9d3ad09       no              eth0
br1             8000.000000000000       no

We have br0 which is bridged with eth0. Following is br0 configuration

    ifconfig br0

   br0     Link encap:Ethernet  HWaddr 00:1E:C9:D3:AD:09
           inet addr:10.31.96.176  Bcast:10.31.99.255  Mask:255.255.252.0
           inet6 addr: 3ffe:80c0:22c:8021:21e:c9ff:fed3:ad09/64 Scope:Global
           inet6 addr: fe80::21e:c9ff:fed3:ad09/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:4054175 errors:0 dropped:748956 overruns:0 frame:0
           TX packets:9689 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0
           RX bytes:352965801 (336.6 Mb)  TX bytes:1382473 (1.3 Mb)

br1 is another bridge which is used for internal network of containers

br1       Link encap:Ethernet  HWaddr 00:00:00:00:00:00
          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::70d4:cbff:fe18:6548/64 Scope:Link
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:7 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:520 (520.0 b)  TX bytes:1070 (1.0 Kb)

Below is the LXC Configuration

  lxc.network.type = veth
  lxc.network.name = net0
  lxc.network.ipv4 = 192.168.0.100/24
  lxc.network.link = br1
  lxc.network.flags = up
  lxc.network.ipv4.gateway=192.168.0.1

We did follow http://www.pdxsys.com/articles/lxc/lxc2/ for performing NAT between br0 and br1

 iptables -A INPUT    -p udp -m state --state ESTABLISHED,RELATED -j ACCEPT
 iptables -A INPUT    -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT
 iptables -A FORWARD  -p udp -m state --state ESTABLISHED,RELATED -j ACCEPT
 iptables -A FORWARD  -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT

 iptables -A POSTROUTING -t nat -s 192.168.0.0/24 -j MASQUERADE

 iptables -t nat -A PREROUTING -p tcp -d 10.31.96.176 --dport 80 -j DNAT --to 192.168.0.100

 iptables -A FORWARD -p tcp -d 192.168.0.100 --dport 80 -j ACCEPT

where as 192.168.0.100 is the lxc-container ip and 10.31.96.176 is host ip

When we try to start the guest we get following error

 lxc-start -n TEST1 -l DEBUG -o /root/test.log
 lxc-start: failed to setup ipv4 gateway for 'eth0': No such process
 lxc-start: failed to setup netdev
 lxc-start: failed to setup the network for 'TEST1'
 lxc-start: failed to setup the container
 lxc-start: invalid sequence number 1. expected 2
 lxc-start: failed to spawn 'TEST1'

How do we resolve this ?

How to configure NAT with LXC containers in SLES?

0 Answers0