When lxc is equipped with nat network segment, all kinds of behaviors are normal. If you want to set the ip of lxc to be on the same network segment as the host host (i.e., static ip), although the bridge can be created normally and host can ping the bridge, the inside of the container cannot ping the bridge, let alone the host and other hosts.
For example, my host ip is 10.0.0.50, in veth mode, lxcbr0 ip is 10.0.0.51, and container ip is 10.0.0.52. at this time, I can ping 10.0.0.51 on host, 10.0.0.51 in container, or any host on the same network segment. If lxcbr0 and its dhcp network segment and container ip are changed to 10.0.3.x, they can all ping each other.
There are many experts here, I hereby ask for advice!
This is written in pipework, and I’m working on it.