Ubuntu LXC。集装箱'；将IP从与主机相同的网络中删除

我在试LXC。现在，我想将IP分配给来自与LXC主机相同网络的来宾（容器）。作为主机操作系统，我使用Ubuntu14.04.3，作为来宾使用Ubuntu15.10

LXC主机使用我的家庭路由器访问互联网（默认网关），LXC主机具有IP-192.168.1.50（网络-192.168.1.0/24），网关（路由器）地址-192.168.1.1

现在我想从同一个网络将192.168.1.51分配给LXC guest。为此，我在主机LXC计算机上配置了br0接口：

root@lxc-host:~# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet manual

auto br0
iface br0 inet static
        address 192.168.1.50
        netmask 255.255.255.0
        gateway 192.168.1.1
        dns-nameservers 8.8.8.8
        bridge_ports eth0
        bridge_stp off
        bridge_fd 0
        bridge_maxwait 0

此配置完成后，Internet和内部网络开始工作：

root@lxc-host:~# ifconfig
br0       Link encap:Ethernet  HWaddr 08:00:27:5a:39:b5
          inet addr:192.168.1.50  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe5a:39b5/64 Scope:Link
          inet6 addr: fdee:cbcd:a595:0:a00:27ff:fe5a:39b5/64 Scope:Global
          inet6 addr: fdee:cbcd:a595:0:91b8:6067:2b5c:e58d/64 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5001 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2094 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:613920 (613.9 KB)  TX bytes:307810 (307.8 KB)

eth0      Link encap:Ethernet  HWaddr 08:00:27:5a:39:b5
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4964 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2109 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:681460 (681.4 KB)  TX bytes:316156 (316.1 KB)

...

root@lxc-host:~#

根据，我已将容器配置（u1是我的ubuntu容器）更改为以下视图：

root@lxc-host:~# cat /var/lib/lxc/u1/config
# Template used to create this container: /usr/share/lxc/templates/lxc-download
# Parameters passed to the template:
# For additional config options, please look at lxc.container.conf(5)

# Distribution configuration
lxc.include = /usr/share/lxc/config/ubuntu.common.conf
lxc.arch = x86_64

# Container specific configuration
lxc.rootfs = /var/lib/lxc/u1/rootfs
lxc.utsname = u1

# Network configuration
lxc.network.type = veth
lxc.network.link = br0
lxc.network.flags = up
lxc.network.hwaddr = 00:16:3e:a1:c2:fe
lxc.network.ipv4 = 192.168.1.51/24

# define a gateway to have access to the internet
lxc.network.ipv4.gateway = 192.168.1.1

容器的网络配置如下所示：

root@lxc-host:~# cat /var/lib/lxc/u1/rootfs/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.51
netmask 255.255.255.0
gateway 192.168.1.1
dns-nameservers 8.8.8.8
root@lxc-host:~#

容器重新启动后，eth0实际上使用了192.168.1.51，容器可以ping LXC主机IP192.168.1.50，但不能ping任何其他IP，包括内部IP，如网关192.168.1.1等等

root@u1:~# ip a
1: lo...
5: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:16:3e:a1:c2:fe brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.51/24 brd 192.168.1.255 scope global eth0
...

root@u1:~# ping 192.168.1.50
PING 192.168.1.50 (192.168.1.50) 56(84) bytes of data.
64 bytes from 192.168.1.50: icmp_seq=1 ttl=64 time=0.064 ms
64 bytes from 192.168.1.50: icmp_seq=2 ttl=64 time=0.064 ms
^C
--- 192.168.1.50 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.064/0.064/0.064/0.000 ms

root@u1:~# ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
From 192.168.1.51 icmp_seq=1 Destination Host Unreachable
From 192.168.1.51 icmp_seq=2 Destination Host Unreachable
From 192.168.1.51 icmp_seq=3 Destination Host Unreachable
^C
--- 192.168.1.1 ping statistics ---
4 packets transmitted, 0 received, +3 errors, 100% packet loss, time 2999ms
pipe 3

root@u1:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
^C
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 1999ms

root@u1:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
root@u1:~#

root@u1：~#ip a
1：你看。。。
5:eth0:mtu 1500 qdisc pfifo_快速状态向上组默认qlen 1000
链接/以太00:16:3e:a1:c2:fe brd ff:ff:ff:ff:ff:ff:ff
inet 192.168.1.51/24 brd 192.168.1.255作用域全局eth0
...
root@u1：~#平192.168.1.50
PING 192.168.1.50（192.168.1.50）56（84）字节的数据。
192.168.1.50中的64字节：icmp_seq=1 ttl=64时间=0.064毫秒
192.168.1.50中的64字节：icmp_seq=2 ttl=64时间=0.064毫秒
^C
---192.168.1.50平统计---
发送2个数据包，接收2个，0%数据包丢失，时间999ms
rtt最小值/平均值/最大值/mdev=0.064/0.064/0.064/0.000毫秒
root@u1：~#平192.168.1.1
PING 192.168.1.1（192.168.1.1）56（84）字节的数据。
从192.168.1.51 icmp_seq=1目标主机无法访问
从192.168.1.51 icmp_seq=2无法访问目标主机
从192.168.1.51 icmp_seq=3目标主机无法访问
^C
---192.168.1.1 ping统计---
传输4个数据包，接收0个数据包，+3个错误，100%数据包丢失，时间2999ms
管道3
root@u1：~#平8.8.8.8
PING 8.8.8.8（8.8.8.8）56（84）字节的数据。
^C
---8.8.8.8平统计---
传输3个数据包，接收0个，100%数据包丢失，时间1999ms
root@u1：~#路线-n
内核IP路由表
目标网关Genmask标志度量参考使用Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
root@u1:~#

---

我错在哪里？Apparmor已停止，LXC主机上的iptables已清除。

此问题与Virtualbox可视化有关（但我知道有些人在Hyper-V上有类似的问题）

在这种情况下，LXC似乎无法共享br0接口

---

对于真正的硬件，我不再有任何问题。

如果您是LXC的新手，我建议您阅读Stephane Graber的10篇博客系列：

Flockport已经创建了一个很棒的网站，有很多LXC主题，特别是在LXC网络方面，从MACVlan到VxLAN再到VPN等等

---

您能详细说明问题的具体内容吗？是不是你无法从虚拟机内部桥接Virtualbox接口？@BobTuckerman试图在Vbox中打开混杂模式