[arch-general] tap device
Mauro Santos
registo.mailling at gmail.com
Wed Mar 12 10:21:05 EDT 2014
On 12-03-2014 14:11, Paul Gideon Dann wrote:
> On Wednesday 12 Mar 2014 14:06:30 Mauro Santos wrote:
>> No netctl here :)
>>
>> I systemd-networkd enabled on boot and 3 files in /etc/systemd/network
>>
>>> cat brkvm.netdev
>>
>> [NetDev]
>> Name=brkvm
>> Kind=bridge
>>
>>> cat brkvm.network
>>
>> [Match]
>> Name=brkvm
>>
>> [Network]
>> Description=Bride for use with virtual machines and containers
>> Address=192.168.56.1/24
>>
>>> cat vb-veth.network
>>
>> [Match]
>> Name=vb-*
>>
>> This last one is sort of a hack to bring the network up as it shows up,
>> I suppose systemd-nspawn should do it by itself, this might be a bug,
>> unless there is a good reason not to bring the network up automatically.
>>
>> Inside the container I do manual setup of the network address since I'm
>> not actually booting it.
>>
>> Mind you that you may have to do systemctl daemon-reload (not really
>> sure if this one is needed) and restart systemd-networkd for any changes
>> to make effect.
>
> Can I ask you both why you chose this route of creating a private network? As far as I can
> tell, by default systemd-spawn will allow the container to use the host's interface. I would
> have thought that would be adequate for most usecases?
>
> Paul
>
Because I have both a virtual machine and container that need to talk to
each other.
Initially I had this setup specifically because of qemu, I wanted access
to a few ports inside the virtual machine and having to setup some kind
of nat would be a pain (and another variable in case things didn't work).
After I saw that systemd-nspawn now has more network isolation features
I just used the setup I had.
It's possible this is overkill for what I want but it was the solution I
came up with at the time.
--
Mauro Santos
More information about the arch-general
mailing list