path: root/NixOS - Container networking.md
blob: f70c1d114c6945592bde6ed9fdf518a8b78e8678 (plain)
Networking is implemented as a pair of veth interfaces: `eth0` inside the container and `ve-containername` on the host. A container has its own network namespace, so it can configure the network without affecting the host's network.

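To allow containers to talk to the outside network, we'll need to set up NAT on the host.
```
{
	networking.nat.enable = true;
	# "ve-+" is a wildcard that matches every container interface (ve-<name>).
	networking.nat.internalInterfaces = [ "ve-+" ];
	# The host interface that faces the outside network.
	networking.nat.externalInterface = "eth0";
}
```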

NetworkManager has to be stopped from trying to manage container interfaces:
```
{
	networking.networkmanager.unmanaged = [ "interface-name:ve-*" ];
}
```
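
The pieces above combined into one host configuration, as an added example that is not part of the original note. The container name `web`, both addresses, the nginx service and the `stateVersion` value are assumptions; the example also assumes the container is declared with `privateNetwork = true`, the option that gives it the veth pair described above.

```nix
{
  # Host side: NAT for every container veth, out through the host uplink.
  networking.nat = {
    enable = true;
    internalInterfaces = [ "ve-+" ];
    externalInterface = "eth0";
  };

  # Keep NetworkManager off the container interfaces.
  networking.networkmanager.unmanaged = [ "interface-name:ve-*" ];

  containers.web = {
    autoStart = true;

    # Own network namespace plus the veth pair: eth0 inside, ve-web on the host.
    privateNetwork = true;
    hostAddress = "192.168.100.10";   # address on ve-web (constructed value)
    localAddress = "192.168.100.11";  # address on the container's eth0 (constructed value)

    config = { ... }: {
      services.nginx.enable = true;

      # The container has its own firewall in its namespace; open only what it serves.
      networking.firewall.allowedTCPPorts = [ 80 ];

      system.stateVersion = "24.05";  # placeholder, set to the release you deploy
    };
  };
}
```

With this layout the host reaches the service at the `localAddress`, and outbound traffic from the container is masqueraded behind the host's `eth0`.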

---
[[NixOS - Containers]]