Running LXC Linux Containers on a laptop

Last edited

Last updated: $Date: 2010-10-02 19:14:16 $

LXC Linux Containers provide operating system-level virtualisation right from a standard stock kernel.

LXC Linux Containers

LXC Linux Containers offer operating system-level virtualisation. This is a very lightweight and fast virtualisation solution. The great thing about LXC is that is part of the standard Linux kernel. So there is no need for patches. Another fine thing is that there is not very much needed to build a LXC host. The userspace utils are either small compiled C-programs or simple shellscripts.

This means you can run LXC containers without having to install Python or other stuff.

Setting up the network with br0 and wlan0

The containers connect to the network through a bridge. Most wifi interfaces have some problems becoming a network bridge. This is why we use NAT (network address translation).

Daniel Lezcano provided the small listing below, which makes setting up network for your containers very simple. Just put the following lines in your /etc/network/interfaces:

auto br0
iface br0 inet static
   bridge_stp off
   bridge_maxwait 5
   pre-up  /usr/sbin/brctl addbr br0
   post-up /usr/sbin/brctl setfd br0 0
   post-up /sbin/iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
   post-up echo 1 > /proc/sys/net/ipv4/ip_forward

Restart the network with:

/etc/init.d/networking restart 


Give the LXC containers an address in the range and inside the container use as the default gateway.

Because we use NAT the containers have to have their network addresses in a range that is different from your local network address range.

In the example above, the address range for the containers is , while for example the local network is on

Connecting from a machine in your network

If you want to set up a connection from a different machine in your network than you have to add a route rule on that machine.


the host (laptop)
the guest (lxc container)
other machine192.168.1.12

To set up a routing rule on the other machine, become root on the other machine and issue the routing rule:

route add -net netmask gw

This tells the other machine that in order to connect to machines in the range is has to use the laptop as a gateway.

The "normal" routing is not changed, so you can still connect to the internet from the other machine.

Related pages