Expose lxc container

Linux on Servers
1

Hi, I am trying to expose an lxc container to the internet.

So far:

  1. ping is not working
  2. If i ping a domain it shows Temporary error in name resolution.
  3. Cant apt update
  4. Cant ping host also

I have tried editing my resolv.conf file but it didnt work.

$ lxc network show lxdbr0:

config:
  ipv4.address: 10.239.64.1/24
  ipv4.nat: "true"
  ipv6.address: xxxx:xxxx::xxxx::xxxx::xxxx
  ipv6.nat: "true"
description: ""
name: lxdbr0
type: bridge
used_by:
- /1.0/instances/desired-monster
- /1.0/profiles/default
managed: true
status: Created
locations:
- none

Host:
Other than lo and physical interfaces it has this:
$ ip a

4: lxdbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether <MAC> brd ff:ff:ff:ff:ff:ff
    inet 10.239.64.1/24 scope global lxdbr0
       valid_lft forever preferred_lft forever
    inet6 <address> scope global 
       valid_lft forever preferred_lft forever
    inet6 <address> scope link 
       valid_lft forever preferred_lft forever
8: veth2d95cce6@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master lxdbr0 state UP group default qlen 1000
    link/ether <MAC> brd ff:ff:ff:ff:ff:ff link-netnsid 0

Host is a laptop with ethernet connection and Ubuntu Server 22.04 Lts and has a static ip.

2

Welcome to the forum!

What is the IP of the physical interface? If you have one, remove it, as it should not have one. I personally have a bridge made by myself and configured through ip, rather than using the built-in lxd tooling.

ip link add name lxdbr0 type bridge
ip link set enp4s0 master lxdbr0
ip link set dev lxdbr0 up
ip link set dev enp4s0 up

I create this at each bootup before I start dhcpcd. 0 config in the network description. If I wanted a static IP on the bridge, I’d still use ip.

There are no firewall rules on my host though. Check:

iptables -L -n -v

If you are using ubuntu, check ufw rules. If fedora / rhel, check firewalld rules. But given the inability to ping, I would say it’s something to do with the lxd bridge config. My interface is not managed, so managed: false. And no config and no location, not even - none.

3

Questions:

  1. If i remove the static ip how will I ssh into the machine remotely ? I think it will not have a fix ip
  2. I just tried this:
lxc config device add desired-monster eth0 nic nictype=bridged parent=lxdbr0 name=eth0

but no luck.

Also i need the container to host a website on it.

4

In ubuntu, most likely through netplan. Something like this:

network:
  version: 2
  renderer: networkd
  ethernets:
    eno1:
      dhcp4: no
      dhcp6: no
  bridges:
    lxdbr0:
      interfaces: [eno1]
      dhcp4: no
      dhcp6: no
      addresses:
        - 10.239.64.2/24
      routes:
        - on-link: true
          to: 0.0.0.0/0
          via: 10.239.64.1
      gateway6: fe80::1
      nameservers:
        addresses:
          - 213.133.98.98
          - 213.133.100.100
          - 213.133.99.99
          - 2a01:4f8:0:1::add:1010
          - 2a01:4f8:0:1::add:9999
          - 2a01:4f8:0:1::add:9898

You probably should not copy the above, but it is a good example I found and modified a bit for your IP.

However, I am rather curious what is the default gateway in your configuration. It doesn’t look like you have one. I was also curious where you got that subnet from. I don’t know which one is your router, but in your config, the laptop clearly has the first IP from that subnet.

At least in this case, you can probably do a

nmap -sn 10.239.64.0/24

if that is actually the subnet of your network.

5

Let me know if you don’t figure this out in a few days. I might have something about this in my note files. (I don’t have this particular thing memorized).

1 Like
6

please dont close the thread, I ll get back to it.