Following up to yesterday’s post on LXC: Linux Containers, I had a quick play with 2 ULA subnets (aka RFC4193 addresses - dont forget that site-local was depreciated) - one subnet was dedicated to the LXC containers, one for my normal LAN. Perhaps unsurprisingly IPv6 appears to work perfectly well in this setup.
I also altered the setup and bridged a container directly to eth0 on the host node, and watched the container assign itself a stateless address based on my prefix, and again everything appeared to work perfectly well out onto the public v6 network (courtesy of Hurricane Electric’s Tunnel Broker service).
So all in all I’d say that LXC is looking pretty good so far. There are a few other things I’d like to test, like how effective iptables are in the context of containers, and whether or not it is secure enough. Unfortunately I’m not going to have time to play with these things this weekend really. Answers on a postcard to the usual address if you already know though!