TUN/TAP device in lxc containers

To create tun/tap devices in Red Hat or Debian based distros inside lxc containers, create the following systemd unit:

    Description=Add tun device workaround
    ExecStart=/usr/bin/mkdir /dev/net
    ExecStart=/usr/bin/mknod -m 666 /dev/net/tun c 10 200

To create the tun/tap device before certain units start (ex. OpenVpn) you can add


under [Unit].

To allow the container to create the device, the following line must be in the lxc config file (/var/lib/lxc/100/config):

lxc.cgroup.devices.allow = c 10:200 rwm

For Proxmox, add the following line to the container config (ex. /etc/pve/lxc/100.conf):

lxc.cgroup.devices.allow: c 10:200 rwm
TUN/TAP device in lxc containers

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s