lxc-network

List all available networks

$ lxc network list

$ lxc network show [network_name]

$ lxc network attach [network_name] [container_name]

$ lxc network create [network_name]

$ lxc network set [network_name] bridge.external_interfaces [eth0]

$ lxc network set [network_name] ipv[4].nat false

lxc-network command [options]
Where command can be up, down, or status.

up
    Brings up and configures the default LXC network bridge (e.g., lxcbr0), typically assigning it an IP address and enabling NAT to the host's external network.

down
    Takes down and unconfigures the default LXC network bridge, releasing its resources.

status
    Displays the current operational status of the default LXC network bridge, indicating if it is up, down, or misconfigured.

lxc-network is a utility script integral to the Linux Containers (LXC) ecosystem, primarily designed to manage the default network bridge (lxcbr0) used by LXC containers. It provides a straightforward way to bring up, bring down, or check the status of this dedicated network interface, ensuring that containers have network connectivity to the host and external networks. While not a general-purpose network configuration tool, lxc-network simplifies the setup and teardown of the specific network infrastructure required for LXC, often being invoked automatically by LXC services or used by administrators for manual initialization and troubleshooting. It plays a crucial role in isolating container networks while enabling communication where needed.

lxc-network is primarily focused on the default LXC network setup (e.g., lxcbr0) and is not a general-purpose network management utility for all system interfaces. It requires root privileges to execute its commands as it modifies system network configurations. Its functionality may vary slightly across different LXC versions or Linux distributions, as it is often a wrapper script.

The default LXC network bridge, lxcbr0, is a virtual Ethernet bridge created and managed by lxc-network. It acts as a central point for all containers to connect to, providing them with IP addresses (often via DHCP) and enabling them to communicate with each other and, through NAT, with the external network. This setup simplifies container networking significantly.

While lxc-network can be invoked manually by administrators, it is most often called automatically by the LXC system services or other lxc commands (like lxc-start) to ensure the necessary network infrastructure is in place before containers are launched. It's an essential background utility for LXC's default network configuration.

The lxc-network script has been a fundamental component of the Linux Containers (LXC) project since its early days, evolving alongside the kernel's containerization features like cgroups and namespaces. Its purpose has consistently been to provide a simplified, consistent method for managing the default network bridge (lxcbr0) that enables network connectivity for LXC containers. It reflects LXC's design philosophy of providing robust yet easy-to-use tools for container lifecycle management.

lxc(1), lxc-create(1), lxc-start(1), lxc.conf(5), brctl(8), ip(8)