IPVlan Networking in LXD Containers

scott · December 10, 2022, 8:06pm

I have discussed bridging and macvlan networking for LXD containers many times on the channel. Bridged containers present an address on the LAN. Macvlan can present an address on the LAN or on a VLAN. Both bridging and macvlan use unique mac addresses for every LXD container that you create. IPVlan is different.

IPVlan uses the same MAC address for every LXD container and that is the address of the LXD host server. This may sound like a disadvantage, but the primary use cases for IPVlan are for wireless APs that reject multiple MAC addresses on the same adapter and also some NICs and switches have limitations on the numbers of MAC addresses per adapter or per switch port.

In this tutorial, we learned that you must have an IPVlan LXD profile for each container that uses IPVlan as its networking protocol. We also learned that IPVlan and macvlan containers cannot be mixed on the same adapter.

Create LXD container on your LXD host:

lxc launch ubuntu:22.04 test --profile default -c boot.autostart=true

Create an ipvlan profile and edit it:

lxc profile create ipvlan 
lxc profile edit ipvlan

Clear the contents of the file with the CTRL K command to delete lines and then insert the following as a template:

config:
  user.network-config: |
    #cloud-config
    version: 2
    ethernets:
      eth0:
        addresses:
          - 172.16.2.2/16
        dhcp4: no
        dhcp6: no
        nameservers:
          addresses: [1.1.1.1, 1.0.0.1]
        routes:
         - to: 0.0.0.0/0
           via: 169.254.0.1
           on-link: true
description: "ipvlan LXD profile"
devices:
  eth0:
    ipv4.address: 172.16.2.2
    nictype: ipvlan
    parent: enp5s0
    type: nic
name: ipvlan
used_by:

Make the appropriate changes for your IP address, DNS, and parent adapter interface name.
Save the file with a CTRL X, Yes and Enter.

Copy the template profile to an appropriately named profile for your address:

lxc profile copy ipvlan ipvlan_172.16.2.2

You can edit the copied profile to make any changes.

lxc profile edit ipvlan_172.16.2.2

Finally, stop the LXD container we created, apply the profile and restart the LXD container and your ipvlan networking should be working.

lxc stop test
lxc profile add test ipvlan_172.16.2.2
lxc start test
lxc list