[SOLVED] LXC container netns commands on startup.

sweaty-tim

Feb 3, 2023
I am in the process of moving my containers from native LXC on Debian 11 to Proxmox and thus learning Proxmox in the process.

I have one container in which I create a WireGuard interface on startup, using netns commands to replace the device eth0 and forcing the new wg0 interface to be the default gateway, thus ensuring all traffic from this container is encrypted.

In my existing LXC container I have the following setup for eth0 and eth1 in /etc/network/interfaces, which creates wg0 (default gateway) and eth1 (local network routing).

Code:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual
        pre-up ip netns add physical
        pre-up ip link set eth0 netns physical
        pre-up ip netns exec physical ip link
        pre-up ip netns exec physical ip link add wg0 type wireguard
        pre-up ip netns exec physical ip link set wg0 netns 1
        pre-up ip netns exec physical ip addr add 172.18.20.4/29 dev eth0
        pre-up ip netns exec physical ip link set eth0 up
        pre-up ip netns exec physical ip route add default via 172.18.20.1 dev eth0

        pre-up wg setconf wg0 /etc/wireguard/wg0.conf

        pre-up ip addr add 10.2.0.2/32 dev wg0
        pre-up ip link set wg0 up
        pre-up ip route add default dev wg0

auto eth1
iface eth1 inet dhcp
        post-up ip route add 172.18.10.0/24 via 172.16.20.1 dev eth1

With my Proxmox container I can achieve the same configuration by manually executing the following commands:

Code:
ip netns add physical
ip link set eth0 netns physical
ip netns exec physical ip link
ip netns exec physical ip link add wg0 type wireguard
ip netns exec physical ip link set wg0 netns 1
ip netns exec physical ip addr add 172.18.20.4/29 dev eth0
ip netns exec physical ip link set eth0 up
ip netns exec physical ip route add default via 172.18.20.1 dev eth0

wg setconf wg0 /etc/wireguard/wg0.conf

ip addr add 10.2.0.2/32 dev wg0
ip link set wg0 up
ip route del default via 172.18.20.1 dev eth1   # Just needed to remove route from DHCP as done post up
ip route add default dev wg0

In Proxmox, when I set up the same configuration using /etc/network/interfaces, the eth0 stanza gets overwritten with:
Code:
auto eth0
iface eth0 inet manual

        pre-up wg setconf wg0 /etc/wireguard/wg0.conf

        pre-up ip addr add 10.2.0.2/32 dev wg0
        pre-up ip link set wg0 up
        pre-up ip route del default via 172.18.20.1 dev eth1
        pre-up ip route add default dev wg0

This is removing the creation of the network namespace.

How can I achieve a similar container startup with Proxmox to create a WireGuard interface on boot for my container?
 
Hi,

if you'd like to prevent Proxmox from overwriting your /etc/network/interfaces, you can try telling it to ignore that file using
Code:
touch /etc/network/.pve-ignore.interfaces
Does this help?
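
Added example, not part of the thread: a POSIX shell check for the end state the question describes (the only IPv4 default route uses wg0, and eth0 is no longer visible in the container's main namespace). The function names and the sample `ip` output are constructed for illustration; `wg0`, `eth0`, `eth1`, `172.18.20.1` and the `.pve-ignore.interfaces` path are taken from the posts above.

```shell
#!/bin/sh
# Added example: post-boot leak check for the wg0-only routing set up above.
# IPv4 only, as in the thread. Function names are hypothetical.

# Constructed sample output of `ip -4 route show default` and `ip -o link show`.
GOOD_ROUTES='default dev wg0 scope link'
LEAKY_ROUTES='default dev wg0 scope link
default via 172.18.20.1 dev eth1'
GOOD_LINKS='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN
3: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 state UNKNOWN
5: eth1@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP'

# Print the device of every default route read from stdin, one per line.
default_route_devs() {
    awk '$1 == "default" { for (i = 2; i < NF; i++) if ($i == "dev") print $(i + 1) }'
}

# Succeed only if stdin holds at least one default route and all of them use $1.
only_wg_default() {
    want=$1
    devs=$(default_route_devs)
    [ -n "$devs" ] || return 1          # no default route at all: not the intended state
    for d in $devs; do
        [ "$d" = "$want" ] || return 1  # a default route outside the tunnel
    done
    return 0
}

# Succeed if device $1 appears in `ip -o link show` output on stdin
# (the "@ifN" peer suffix of veth names is stripped before comparing).
link_present() {
    awk -v dev="$1" -F': ' '{ split($2, a, "@"); if (a[1] == dev) found = 1 } END { exit !found }'
}

# Run the checks against the live container.
check_live() {
    [ -e /etc/network/.pve-ignore.interfaces ] ||
        echo "WARN: no .pve-ignore.interfaces marker; Proxmox may rewrite the file"
    ip -4 route show default | only_wg_default wg0 ||
        { echo "FAIL: default route is not exclusively via wg0"; return 1; }
    if ip -o link show | link_present eth0; then
        echo "FAIL: eth0 is still in the container's main namespace"; return 1
    fi
    echo "OK: default route via wg0 only, eth0 moved out"
}

# Live mode is opt-in so the functions can be sourced or tested offline.
if [ "${1:-}" = "--live" ]; then check_live; fi
```

Run it inside the container with `--live` after boot; a non-zero exit means traffic can leave outside the tunnel.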
 
