Hello, I would like to set up sshd under an LXC application container and to be able to connect into it from the host. I was able to achieve that with LXC tools CLI after setting up a bridge via brctl and creating a proper lxc.conf file for lxc-execute to use. However, I am unable to do so via libvirt. I am using libvirt version 0.7.1 installed on fedora 12. I first verified that the default network is up [root@enc12 avi]# virsh net-list --all Name State Autostart ----------------------------------------- default active yes and that the bridge exists [root@enc12 avi]# brctl show bridge name bridge id STP enabled interfaces virbr0 8000.000000000000 yes I then went over the explanations under http://www.libvirt.org/formatdomain.html#elementsNICS and http://wiki.libvirt.org/page/Networking and made sure net.ipv4.ip_forward = 1 under file /etc/sysctl.conf on the host after that, I created a container with the following xml specification: <domain type='lxc'> <name>ssh9</name> <memory>500000</memory> <os> <type>exe</type> <init>/usr/sbin/sshd</init> </os> <vcpu>1</vcpu> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <devices> <emulator>/usr/libexec/libvirt_lxc</emulator> <interface type='network'> <source network='default'/> </interface> <console type='pty' /> </devices> </domain> Below is the command that verifies LXC is running followed by dumpxml: [root@enc12 avi]# virsh -c lxc:/// list --all Id Name State ---------------------------------- 1551 ssh9 running <domain type='lxc' id='1551'> <name>ssh9</name> <uuid>ead3dc4f-9b3f-eec0-e83a-1d87e0ffb1eb</uuid> <memory>500000</memory> <currentMemory>500000</currentMemory> <vcpu>1</vcpu> <os> <type arch='i686'>exe</type> <init>/usr/sbin/sshd</init> </os> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <devices> <emulator>/usr/libexec/libvirt_lxc</emulator> <interface type='network'> <mac address='52:54:00:e8:e3:dd'/> <source network='default'/> <target dev='veth0'/> </interface> <console type='pty' tty='/dev/pts/1'> <source path='/dev/pts/1'/> <target port='0'/> </console> </devices> </domain> However, I can not see the IP address of the container so was not able to connect it. I can also see that the routing table configured on the host - routes any address destined to network 192.168.122 - into the bridge and I understood that the container should have constructed with one of the IPs in the range of 192.168.122.2 to 192.168.122.254 (as defined in dhcp tag under default network) but it did not happen. Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 9.148.28.32 * 255.255.255.240 U 1 0 0 eth0 192.168.122.0 * 255.255.255.0 U 0 0 0 virbr0 default 9.148.28.33 0.0.0.0 UG 0 0 0 eth0 I wonder what am I missing here. Thanks, - Avi