Ubuntu 16.04 LXD with two network interfaces (backend and frontend)


Begin by installing the bridge utilities
# apt -y install bridge-utils

Then edit the network interfaces on the LXD host
vi /etc/network/interfaces

# The loopback network interface
auto lo
iface lo inet loopback

# The main internal Bridge (backend)
auto br0
iface br0 inet static
    address 192.168.1.99
    netmask 255.255.255.0
    network 192.168.1.0
    broadcast 192.168.1.255
    gateway 192.168.1.1
    dns-nameservers 1.1.1.1
    # The primary network interface
    bridge_ports eno1

# The secondary external Bridge (frontend)
auto br1
iface br1 inet manual
    bridge-ifaces eno2
    bridge-ports eno2
    up ip link set eno2 up

# The secondary network interface
iface eno2 inet manual

We need a new profile for the containers, so we copy the default profile
lxc profile copy default twonic

Then we edit the new profile
lxc profile edit twonic

The new profile looks like this (I use "vi" to edit the file and save it as any file)

config:
  user.network_mode: link-local
description: Two nics profile
devices:
  eth0:
    name: eth0
    nictype: bridged
    parent: br0
    type: nic
  eth1:
    name: eth1
    nictype: bridged
    parent: br1
    type: nic
name: twonic

Now we need a container with the new profile:
lxc launch images:ubuntu/xenial secondcontainer -p twonic

Since our frontend is not enabled at the moment, we need to edit the interfaces file on the container
lxc exec secondcontainer bash

vi /etc/network/interfaces

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet6 static
    address 2001:200:200:2::2
    netmask 64
    gateway 2001:200:200:2::1
    dns-nameservers 2606:4700:4700::1111

auto eth1
iface eth1 inet static
    address 10.1.1.2
    netmask 255.255.255.0
    gateway 10.1.1.1
    dns-nameservers 1.1.1.1

Since our IPv6 setup uses radv, we need to disable radv on the container if we want to create our own static IPv6 addresses.
vi /etc/sysctl.conf

net.ipv6.conf.eth0.autoconf=0
net.ipv6.conf.eth0.accept_ra=0

Run "sudo sysctl -p" and restart the container.
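
A check for this last step, added here as an example and not part of the original post: run inside the container, it reads the kernel's live per-interface values under /proc/sys/net/ipv6/conf and reports which interfaces still honour router advertisements, so you can confirm the settings took effect on the interface you intended. The function names, the CONF_ROOT override and the --run argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example: report which interfaces still accept router advertisements.
# CONF_ROOT is the kernel's live IPv6 settings tree; it can be overridden
# (an assumption of this example) to exercise the check on a constructed tree.
CONF_ROOT="${CONF_ROOT:-/proc/sys/net/ipv6/conf}"

# ra_status IFACE
# Prints "IFACE accept_ra=N autoconf=N static-only|RA-enabled".
# Returns 0 when both values are 0, 1 when RAs are still honoured,
# 2 when the interface has no IPv6 settings directory.
ra_status() {
    dir="$CONF_ROOT/$1"
    if [ ! -d "$dir" ]; then
        echo "$1 missing"
        return 2
    fi
    ra=$(cat "$dir/accept_ra")
    ac=$(cat "$dir/autoconf")
    if [ "$ra" = "0" ] && [ "$ac" = "0" ]; then
        echo "$1 accept_ra=$ra autoconf=$ac static-only"
    else
        echo "$1 accept_ra=$ra autoconf=$ac RA-enabled"
        return 1
    fi
}

# ra_audit
# Checks every real interface (skips lo and the "all"/"default" templates).
# Returns non-zero if any interface would still autoconfigure from an RA.
ra_audit() {
    rc=0
    for d in "$CONF_ROOT"/*/; do
        ifc=$(basename "$d")
        case "$ifc" in
            lo|all|default) continue ;;
        esac
        ra_status "$ifc" || rc=1
    done
    return $rc
}

# Run the audit only when asked, e.g. "sh ra_check.sh --run" (file name is hypothetical).
case "${1:-}" in
    --run) ra_audit ;;
esac
```

With only the two eth0 lines from /etc/sysctl.conf applied, eth1 is reported with whatever values the kernel gave it, which is the thing to look at when the static IPv6 address lives on eth1.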