Hello,
I have attempted to make a network diagram below:
+----------------------+
| |
| Router |
| [192.168.2.1] |
| |
| |
+----------------------+
|
|
|
V
+-----------------------+
| |
| Server |
| [Physical NIC] |
| |
+-----------------------+
|
|
|
V
+-------------------------+
| |
| Bridge (br0) |
| [192.168.2.2] |
| |
+-------------------------+
|
|
+------------------------+
| |
| |
V V
+--------------+ +----------------+
|LXC Container | | LXC Container |
|[192.168.2.11]| | [192.168.2.10] |
|(Arch Mirror) | | |
+--------------+ +----------------+
Sending the nmcli log might help too so here:
br0: connected to bridge-br0
"br0"
bridge, E2:1B:81:AC:C7:A1, sw, mtu 1500
ip4 default
inet4 192.168.2.2/24
route4 192.168.2.0/24 metric 0
route4 default via 192.168.2.1 metric 0
inet6 fe80::d474:abac:4022:cecd/64
route6 fe80::/64 metric 1024
enp1s0: connected to bridge-slave-enp1s0
"Realtek RTL8111/8168/8411"
ethernet (r8169), D0:27:88:94:DB:07, hw, mtu 1500
master br0
veth3d143e61: unmanaged
"veth3d143e61"
ethernet (veth), 02:C5:A3:61:D0:61, sw, mtu 1500
veth4cd972f9: unmanaged
"veth4cd972f9"
ethernet (veth), 0A:19:91:57:A8:B5, sw, mtu 1500
veth696dc3aa: unmanaged
"veth696dc3aa"
ethernet (veth), BE:4E:23:0A:02:DD, sw, mtu 1500
veth734ec5cc: unmanaged
"veth734ec5cc"
ethernet (veth), 5E:C9:71:5C:34:EC, sw, mtu 1500
vethc171d051: unmanaged
"vethc171d051"
ethernet (veth), 02:47:E1:3C:BC:8E, sw, mtu 1500
lo: unmanaged
"lo"
loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536
All the veths are LXC containers running, the are bridged using the br0
interface, they are assigned IP addresses from DHCP server running on
the router.
When 192.168.2.10 pulls from 192.168.2.11 (The arch mirror) the bridge passes the traffic from one veth to the other. However when the Physical server tries to pull from the Arch mirror, it does the following:
192.168.2.2 (server) --> 192.168.2.1 (router, default gateway) --> 192.168.2.11 (pass back to the server NIC but passes it into the lXC container instead).
I want to eliminate the hop to the router, I thought the bridge slave would do this, but obviously not.
I know my diagram sucks but I hope it and the nmcli output will help :) Thanks, -- Polarian GPG signature: 0770E5312238C760 Website: https://polarian.dev JID/XMPP: polarian@xxxxxxxxxxxx
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
