[arch-general] tap device
registo.mailling at gmail.com
Wed Mar 12 10:21:05 EDT 2014
On 12-03-2014 14:11, Paul Gideon Dann wrote:
> On Wednesday 12 Mar 2014 14:06:30 Mauro Santos wrote:
>> No netctl here :)
>> I have systemd-networkd enabled on boot and 3 files in /etc/systemd/network
>>> cat brkvm.netdev
>>> cat brkvm.network
>> Description=Bride for use with virtual machines and containers
>>> cat vb-veth.network
>> This last one is sort of a hack to bring the network up as it shows up,
>> I suppose systemd-nspawn should do it by itself, this might be a bug,
>> unless there is a good reason not to bring the network up automatically.
>> Inside the container I do manual setup of the network address since I'm
>> not actually booting it.
>> Mind you that you may have to do systemctl daemon-reload (not really
>> sure if this one is needed) and restart systemd-networkd for any changes
>> to take effect.
> Can I ask you both why you chose this route of creating a private network? As far as I can
> tell, by default systemd-nspawn will allow the container to use the host's interface. I would
> have thought that would be adequate for most use cases?
Because I have both a virtual machine and container that need to talk to
Initially I had this setup specifically because of qemu, I wanted access
to a few ports inside the virtual machine and having to set up some kind
of NAT would be a pain (and another variable in case things didn't work).
After I saw that systemd-nspawn now has more network isolation features
I just used the setup I had.
It's possible this is overkill for what I want but it was the solution I
came up with at the time.