diff options
Diffstat (limited to 'NixOS - Container networking.md')
| -rw-r--r-- | NixOS - Container networking.md | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/NixOS - Container networking.md b/NixOS - Container networking.md new file mode 100644 index 0000000..f70c1d1 --- /dev/null +++ b/NixOS - Container networking.md @@ -0,0 +1,20 @@ +Networking is implemented as a pair of Veth interfaces. `eth0` inside of the container, `ve-containername` on the host. A container has its own networking namespace so it can configure the network without affecting the host's network. + +To allow containers to talk to the outside network we'll need to set-up NAT on the host. +``` +{ + networking.nat.enable = true; + networking.nat.internalInterfaces = [ "ve-+" ]; + networking.nat.externalInterface = "eth0"; +} +``` + +NetworkManager has to be stopped from trying to manage container interfaces: +``` +{ + networking.networkmanager.unmanaged = [ "interface-name:ve-*" ]; +} +``` + +--- +[[NixOS - Containers]]
\ No newline at end of file |