Virtual machine 如何在SLES中使用LXC容器配置NAT？

我们正在尝试在SLES 11.3中使用LXC容器配置NAT和网桥。无法启动conatiner时出现错误

下面是屏幕转储。br0是外部网络，br1是内部网络

 brctl show

bridge name     bridge id               STP enabled     interfaces
br0             8000.001ec9d3ad09       no              eth0
br1             8000.000000000000       no

我们有br0，它与eth0桥接。以下是br0配置

    ifconfig br0

   br0     Link encap:Ethernet  HWaddr 00:1E:C9:D3:AD:09
           inet addr:10.31.96.176  Bcast:10.31.99.255  Mask:255.255.252.0
           inet6 addr: 3ffe:80c0:22c:8021:21e:c9ff:fed3:ad09/64 Scope:Global
           inet6 addr: fe80::21e:c9ff:fed3:ad09/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:4054175 errors:0 dropped:748956 overruns:0 frame:0
           TX packets:9689 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0
           RX bytes:352965801 (336.6 Mb)  TX bytes:1382473 (1.3 Mb)

  lxc.network.type = veth
  lxc.network.name = net0
  lxc.network.ipv4 = 192.168.0.100/24
  lxc.network.link = br1
  lxc.network.flags = up
  lxc.network.ipv4.gateway=192.168.0.1

br1是用于集装箱内部网络的另一个网桥

br1       Link encap:Ethernet  HWaddr 00:00:00:00:00:00
          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::70d4:cbff:fe18:6548/64 Scope:Link
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:7 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:520 (520.0 b)  TX bytes:1070 (1.0 Kb)

下面是LXC配置

    ifconfig br0

   br0     Link encap:Ethernet  HWaddr 00:1E:C9:D3:AD:09
           inet addr:10.31.96.176  Bcast:10.31.99.255  Mask:255.255.252.0
           inet6 addr: 3ffe:80c0:22c:8021:21e:c9ff:fed3:ad09/64 Scope:Global
           inet6 addr: fe80::21e:c9ff:fed3:ad09/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:4054175 errors:0 dropped:748956 overruns:0 frame:0
           TX packets:9689 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0
           RX bytes:352965801 (336.6 Mb)  TX bytes:1382473 (1.3 Mb)

  lxc.network.type = veth
  lxc.network.name = net0
  lxc.network.ipv4 = 192.168.0.100/24
  lxc.network.link = br1
  lxc.network.flags = up
  lxc.network.ipv4.gateway=192.168.0.1

我们确实遵循了在br0和br1之间执行NAT的步骤

 iptables -A INPUT    -p udp -m state --state ESTABLISHED,RELATED -j ACCEPT
 iptables -A INPUT    -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT
 iptables -A FORWARD  -p udp -m state --state ESTABLISHED,RELATED -j ACCEPT
 iptables -A FORWARD  -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT

 iptables -A POSTROUTING -t nat -s 192.168.0.0/24 -j MASQUERADE

 iptables -t nat -A PREROUTING -p tcp -d 10.31.96.176 --dport 80 -j DNAT --to 192.168.0.100

 iptables -A FORWARD -p tcp -d 192.168.0.100 --dport 80 -j ACCEPT

其中as 192.168.0.100是lxc容器ip，10.31.96.176是主机ip

当我们尝试启动guest时，会出现以下错误

 lxc-start -n TEST1 -l DEBUG -o /root/test.log
 lxc-start: failed to setup ipv4 gateway for 'eth0': No such process
 lxc-start: failed to setup netdev
 lxc-start: failed to setup the network for 'TEST1'
 lxc-start: failed to setup the container
 lxc-start: invalid sequence number 1. expected 2
 lxc-start: failed to spawn 'TEST1'

---

我们如何解决这个问题？

您找到解决方案了吗？