Create additional bridge without hardware interface for LXC

alex1452 · August 3, 2020, 2:50pm

Dear all,

I would like to create an "internal" bridge that has no direct hardware interface but is able to connect to wan to reach outside servers.

The reason is that I work with LXC containers, that need connection to a bridge. So far I have simply connected them to the internal 'br-lan' bridge, that is connected to the Ethernet ports for internal 'physical clients'. This means that LXC container and physical clients share the same IP range using veth0.

On Debian/Ubuntu LXC creates an internal bridge that is used to allocate IP addresses to containers. I would like to do the same on openwrt. I have tried to just add a bridge in /etc/config/network

config interface 'lxc'
	option type 'bridge'
	option ifname 'lxcbr0'
	option proto 'static'
	option ipaddr '10.0.3.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

How do I do this correctly so that I have an internal bridge with connection to WAN and DHCP on the bridge using veth-adapter?

Thank you,
alex

ThomasCr · August 3, 2020, 6:06pm

Im am not sure, but maybe you just assign also the local interface with a vlan which you not use on the Ethernet ports.

Like that:

config interface 'lxc'
	option type 'bridge'
	option ifname 'eth1.9999'
	option proto 'static'
	option ipaddr '10.0.3.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

lxcbr0 is the real interface which exists? It sounds like you want to create this interface?
But the name of the new interface will be br-lxc - maybe you just assign also nothing to ifname or remove the line. The interface should be created also this way and you can assign it in lxc to your container.

vgaetera · August 3, 2020, 8:01pm

I'm not sure if this functionality is enough for you, but you can set up a bridge with kmod-dummy.

alex1452 · August 5, 2020, 2:15pm

Thank you. Have just finished compiling and will test and report back.

erdoukki · March 18, 2021, 2:11pm

You have to configure the wan as a bridge (just activate the bridge mode) and configure you veth interface on br-wan.
Or...
You may have to configure a alternative mac address for your veth interface in the lxc config, then you’ll get dhcp as a physical device on your lan.
Like this :

# Network configuration
#lxc.net.0.type = empty
lxc.net.0.type = veth
lxc.net.0.link = br-lan
lxc.net.0.flags = up
lxc.net.0.hwaddr = 00:FF:AA:BB:CC:01