How can I expose a NIC to a container?

Jan 12, 2015
I have an IDS system I've containerized. eth0 is on vmbr0 while eth3 is an interface running from a SPAN session of a Cisco switch. I've tried creating a new bridge (vmbr100) and added eth3 to it. This allows the container to see UDP traffic from the SPAN session but none of the TCP traffic seems to be coming through the bridge. If I tcpdump eth3 on the hypervisor I can definitely see TCP traffic from the SPAN session. Nothing on the container though. How can I view all my SPAN session traffic on eth3 in the container?
 
Jan 12, 2015
OK, so I found this posting: https://forum.proxmox.com/threads/l...ment-for-lxc-containers-in-proxmox-4-0.23068/

(note eth1 below used to be eth3. Seems it moved to eth1 after a reboot or something?)

I shut down container 700 and added these lines to my config /var/lib/lxc/700/config:
lxc.network.type = phys
lxc.network.link = eth1
lxc.network.name = span0

Then started the container from either the Proxmox GUI or the CLI:
pct start 700
and the lines I added were removed.

If I start the container as in the thread above:
lxc-start -n 700 -F -ldebug -o /tmp/log
The changes seem persistent.

Anyone know why? I don't want to have to start this container by hand on every reboot.
 