LXC tun VPN device on more containers?

openaspace

As the official guide reports, it works (on the first LXC), but which is the correct /dev/net dev/net for other tun devices?


Code:
nano /etc/pve/lxc/123.conf

Add the following lines at the end (if you're using PVE < 7.0, change `cgroup2` with `cgroup`)

 lxc.cgroup2.devices.allow: c 10:200 rwm
 lxc.mount.entry: /dev/net dev/net none bind,create=dir

Press Ctrl-X and answer "Y" for saving and press Enter.

For your unprivileged container to be able to access the /dev/net/tun from your host, you need to set the owner by running:

 # chown 100000:100000 /dev/net/tun

Check the permissions are set correctly:

 # ls -l /dev/net/tun
 crw-rw-rw- 1 100000 100000 10, 200 Dec 22 13:26 /dev/net/tun

Finally start the container:

 # pct start 123
 
Works for more containers simultaneously too.
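
The reply above says the same configuration works for several containers at once. As an added example (not from the thread or the official guide), this script appends the guide's two lines to each container's config and skips lines that are already present; the directory argument, the container IDs in the demo and the refusal on `[section]` headers are assumptions of the example.

```shell
#!/usr/bin/env bash
# Added example: put the guide's two tun lines into several container configs.
# The directory argument and the IDs 123/124/125 in the demo are constructed.

TUN_MOUNT_LINE='lxc.mount.entry: /dev/net dev/net none bind,create=dir'

# cgroup2 key for PVE >= 7.0, cgroup key before that (as the guide states).
tun_allow_line() {
    if [ "$1" -ge 7 ]; then
        echo 'lxc.cgroup2.devices.allow: c 10:200 rwm'
    else
        echo 'lxc.cgroup.devices.allow: c 10:200 rwm'
    fi
}

# Append a line only if that exact line is not already in the file.
ensure_line() {
    local file="$1" line="$2"
    if grep -qxF -- "$line" "$file"; then return 0; fi
    # Guard against a last line without a trailing newline.
    if [ -n "$(tail -c 1 "$file")" ]; then echo >> "$file"; fi
    printf '%s\n' "$line" >> "$file"
}

# enable_tun DIR CTID PVE_MAJOR -> 0 ok, 1 config missing, 2 has [sections]
enable_tun() {
    local conf="$1/$2.conf"
    if [ ! -f "$conf" ]; then return 1; fi
    # Assumption: lines appended after a [snapshot] header would belong to
    # that section instead of the running config, so refuse such files.
    if grep -q '^\[' "$conf"; then return 2; fi
    ensure_line "$conf" "$(tun_allow_line "$3")"
    ensure_line "$conf" "$TUN_MOUNT_LINE"
}

# Demo on constructed configs in a temp dir (not /etc/pve/lxc).
demo() {
    local dir id
    dir=$(mktemp -d)
    printf 'arch: amd64\nunprivileged: 1\n' > "$dir/123.conf"
    printf 'arch: amd64\nunprivileged: 1' > "$dir/124.conf"   # no final newline
    for id in 123 124 125; do
        enable_tun "$dir" "$id" 8 && echo "CT $id: tun lines present" \
            || echo "CT $id: skipped (rc=$?)"
    done
    rm -rf "$dir"
}

demo
```

The host-side `chown` on /dev/net/tun from the guide is done once, since every container bind-mounts the same host device.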