This profile is wrong. Here is the right one: --- $ cat /etc/netctl/lxc_lan_bridge Description="LAN bridge for LXC containers" Connection=bridge Interface=br0 SkipNoCarrier="yes" BindsToInterfaces=() IP=static Address=(10.137.0.1/24) --- Also, since you are running systemd >= 209, you can use networkd. Here are the config files: --- $ cat /etc/systemd/network/lxc_bridge.netdev [NetDev] Name=br0 Kind=bridge $ cat /etc/systemd/network/lxc_bridge.network [Match] Name=br0
[Network] Description=LAN bridge for LXC containers DHCP=false
[Address] Address=10.137.0.1/24 ---
For now, I have a working setup, but I am not satisfied and I think I can improve it. ******* % cat /etc/netctl/dhcp-hortensia Description='A basic dhcp ethernet connection' Interface=enp7s0 Connection=ethernet IP=dhcp ********* This profile is enable and start at boot. Then I manually # start bridge-hortensia *********** % cat /etc/netctl/bridge-hortensia Description="Example Bridge connection" Interface=br0 Connection=bridge BindsToInterfaces=(enp7s0) IP=dhcp *************** What puzzles me is that IF I enable the bridge profile, my system boots with a borken network with an empty /etc/resolv.conf. I would like to overcome this issue. Shall I go static ? Shall I start a specific profile before the other one? Why my resolv.conf is left empty when enabling both profiles ? then my systemd-networkd : ****** % cat /etc/systemd/network/70-dahlia.netdev [Match] #Host=dahlia Virtualization=container [NetDev] Name=br0 Kind=bridge ******************* gabx@hortensia ➤➤ ~ % cat /etc/systemd/network/80-dahlia.network [Match] Virtualization=container MACAddress=14:da:e9:b5:7a:88 [Network] DHCP=yes [Address] Address=192.168.1.94 [Route] Gateway=192.168.1.254 ********************** Nothing on the container side, no netctl profile. This set up leave me with a working network. I can for example http://my_public_ip and then be on the nginx welcome page. But again this set up doesn't sound very academic neither solid to me. last: % ip addr 2: enp7s0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000 link/ether 14:da:e9:b5:7a:88 brd ff:ff:ff:ff:ff:ff inet6 fe80::16da:e9ff:feb5:7a88/64 scope link valid_lft forever preferred_lft forever 4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 14:da:e9:b5:7a:88 brd ff:ff:ff:ff:ff:ff inet 192.168.1.94/24 brd 192.168.1.255 scope global br0 valid_lft forever preferred_lft forever inet6 fe80::16da:e9ff:feb5:7a88/64 scope link valid_lft forever preferred_lft forever As you can see, 192.168.1.94/24 is attached to br0, but no IP for my eth interface. Thank you for your help fine tuning this set up. It took me lots of reading and work (yes) to find a way to setup correctly the container network (and other). Documentation on container administered by systemd-nspawn are spare if non existent. I am left with the systemd man page and systemd-dev mailing list for lonely friends.