doc: Documents the lxc.net.[i].veth.mode option

Signed-off-by: Thomas Parrott <thomas.parrott@canonical.com>

diff --git a/doc/api-extensions.md b/doc/api-extensions.md
index 03ece1e0ca71ab07a98dc7a59bacd35d65fc962c..75681a33cdd246484733c0b6114f84e4fe6ec535 100644 (file)
--- a/doc/api-extensions.md
+++ b/doc/api-extensions.md
@@ -96,3 +96,12 @@ This is primarily intended for use with layer 3 networking devices, such as IPVL
 
 This introduces the ability to specify a custom MTU for `phys` and `macvlan` devices using the
 `lxc.net.[i].mtu` property.
+
+# network\_veth\_router
+
+This introduces the ability to specify a `lxc.net.[i].veth.mode` setting, which takes a value of
+"bridge" or "router". This defaults to "bridge".
+
+In "router" mode static routes are created on the host for the container's IP addresses pointing to
+the host side veth interface. In addition to the routes, a static IP neighbour proxy is added to
+the host side veth interface for the IPv4 and IPv6 gateway IPs.

diff --git a/doc/lxc.container.conf.sgml.in b/doc/lxc.container.conf.sgml.in
index fc586b17c6f1fa0a6798585102f87da88dbb3a11..a24ee3bae6edaef9f9f52375460dafb9566bc6fa 100644 (file)
--- a/doc/lxc.container.conf.sgml.in
+++ b/doc/lxc.container.conf.sgml.in
@@ -443,14 +443,23 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
             <para>
               <option>veth:</option> a virtual ethernet pair
               device is created with one side assigned to the container
-              and the other side attached to a bridge specified by
+              and the other side on the host.
+              <option>lxc.net.[i].veth.mode</option> specifies the
+              mode the veth parent will use on the host.
+              The accepted  modes are <option>bridge</option> and <option>router</option>.
+              The mode defaults to bridge if not specified.
+              In <option>bridge</option> mode the host side is attached to a bridge specified by
               the <option>lxc.net.[i].link</option> option.
-              If the bridge is not specified, then the veth pair device
+              If the bridge link is not specified, then the veth pair device
               will be created but not attached to any bridge.
               Otherwise, the bridge has to be created on the system
               before starting the container.
               <command>lxc</command> won't handle any
               configuration outside of the container.
+              In <option>router</option> mode static routes are created on the host for the
+              container's IP addresses pointing to the host side veth interface.
+              Additionally Proxy ARP and Proxy NDP entries are added on the host side veth interface
+              for the gateway IPs defined in the container to allow the container to reach the host.
               By default, <command>lxc</command> chooses a name for the
               network device belonging to the outside of the
               container, but if you wish to handle

diff --git a/src/lxc/api_extensions.h b/src/lxc/api_extensions.h
index 3df9de9ba3fd8efbcf3ac8bc569e03ee94fb00cd..a063c0a75c31b5f8a51acc974b2bdc623a8b64b7 100644 (file)
--- a/src/lxc/api_extensions.h
+++ b/src/lxc/api_extensions.h
@@ -49,6 +49,7 @@ static char *api_extensions[] = {
        "network_l2proxy",
        "network_gateway_device_route",
        "network_phys_macvlan_mtu",
+       "network_veth_router",
 };
 
 static size_t nr_api_extensions = sizeof(api_extensions) / sizeof(*api_extensions);