三、网卡设置方案 - xkatld/zjmf-virtualizor-lxc GitHub Wiki

想简单设置网卡可以参考【利用Virtualizor开LXC NAT VPS】教程。

1. 关闭系统桥接

systemctl stop virtnetwork
systemctl disable virtnetwork

2. 创建桥

nmcli connection add type bridge ifname netbr0 stp no

3. 配置内网 IP

nmcli connection modify "bridge-netbr0" ipv4.method manual ipv4.addresses 10.0.2.1/24 ipv4.dns 8.8.8.8
nmcli connection modify "bridge-netbr0" ipv6.method manual ipv6.addresses fd00:10:2::1/64 ipv6.dns 2001:4860:4860::8888

4. 激活桥

nmcli connection reload
nmcli connection down "bridge-netbr0"
nmcli connection up "bridge-netbr0"

5. 激活 state UP

modprobe dummy
ip link add dummy0 type dummy
ip link set dummy0 up
ip link set dummy0 master netbr0

6. 启用 NAT

sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv6.conf.all.forwarding=1
iptables -t nat -A POSTROUTING -s 10.0.2.0/24 -o eth0 -j MASQUERADE
ip6tables -t nat -A POSTROUTING -s fd00:10:2::/64 -o eth0 -j MASQUERADE
iptables-save > /etc/sysconfig/iptables
ip6tables-save > /etc/sysconfig/ip6tables
sysctl -p

7.dummy0 持久化

cat > /etc/systemd/system/dummy0-netbr0.service << EOF
[Unit]
Description=Activate dummy0 for netbr0 bridge
After=network.target NetworkManager.service
Wants=network.target

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/bin/bash -c 'modprobe dummy; ip link add dummy0 type dummy; ip link set dummy0 up; ip link set dummy0 master netbr0'
ExecStop=/bin/bash -c 'ip link delete dummy0'

[Install]
WantedBy=multi-user.target
EOF

systemctl daemon-reload
systemctl enable dummy0-netbr0.service
systemctl start dummy0-netbr0.service

systemctl status dummy0-netbr0.service