[arch-general] bridge with netctl

Paul Gideon Dann pdgiddie at gmail.com
Thu Mar 6 08:23:05 EST 2014


On Thursday 06 Mar 2014 14:03:54 arnaud gaboury wrote:
> I am running a machine "hortensia" with a container "dahlia". As the
> container will be a server, I want to have one IP for hortensia and
> another one for dahlia.
> 
> On hortensia, with dhcpcd.service and systemd-networkd both disabled,
> I start at boot two netctl profiles.
> 
> /etc/netctl/bridge-hortensia
> Description="Bridge connection to container"
> Interface=br0
> Connection=bridge
> BindsToInterfaces=()
> IP=no
> 
> /etc/netctl/static-hortensia
> Description='hortensia static ethernet connection'
> Interface=enp7s0
> Connection=ethernet
> IP=static
> Address=('192.168.1.87/24')
> Gateway=('192.168.1.254')
> DNS=('192.168.1.254')

Hi Arnaud. This doesn't seem right to me. The purpose of a bridge is to connect several 
interfaces together. Your bridge is not bound to any interfaces, so it's effectively useless, 
unless there's some special use of bridges I'm not familiar with.

Although I haven't played with containers much at all, I would expect it to work in one of 2 
ways:

1) Two new virtual interfaces are created: one that is visible to the container, and one that is 
visible to the host. The host now has two interfaces, which may be bridged, or it may act 
as a NAT router on the interface that goes to the container. The container only sees the 
one interface, and uses perfectly normal means to obtain an IP address.

2) No new interfaces are defined, and the host's interface is shared with the container. In 
this case, you will need to add another IP to the interface so that it'll respond to both the 
host's IP and the container's IP, and then either perform some kind of packet filtering, or 
simply ensure that the services on host and client are each configured to respond only to 
the desired IP.

Paul
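
A check for the problem raised in this thread, as an added example that is not part of the original messages: it scans a directory of netctl profiles and flags a bridge with an empty `BindsToInterfaces`. It goes one step beyond the thread by also flagging a profile that still assigns an address to an interface once that interface has been made a bridge member. The function names `profile_get` and `lint_netctl_dir` are hypothetical, and the parser assumes plain `KEY=value` / `KEY=(...)` lines like the ones quoted above.

```shell
#!/bin/sh
# Added example: lint netctl profiles for bridge misconfigurations.
# Assumption: profiles contain simple KEY=value or KEY=(...) lines only.
# Usage after sourcing this file: lint_netctl_dir /etc/netctl

# Print the last value of KEY in a profile, quotes and parentheses stripped.
profile_get() {  # usage: profile_get FILE KEY
    sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d "()'\""
}

# Lint every profile in DIR; print one finding per line, return 1 if any.
lint_netctl_dir() {
    dir=$1; findings=0; enslaved=""
    # Pass 1: collect bridge members and flag bridges that have none.
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        [ "$(profile_get "$f" Connection)" = bridge ] || continue
        members=$(profile_get "$f" BindsToInterfaces)
        if [ -z "$members" ]; then
            echo "${f##*/}: bridge $(profile_get "$f" Interface) has no member interfaces"
            findings=1
        fi
        enslaved="$enslaved $members"
    done
    # Pass 2: flag non-bridge profiles that address a bridge member directly.
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        [ "$(profile_get "$f" Connection)" = bridge ] && continue
        iface=$(profile_get "$f" Interface)
        ip=$(profile_get "$f" IP)
        for m in $enslaved; do
            if [ "$m" = "$iface" ] && [ -n "$ip" ] && [ "$ip" != no ]; then
                echo "${f##*/}: $iface is a bridge member but has IP=$ip; move the address to the bridge"
                findings=1
            fi
        done
    done
    return $findings
}
```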

