mO SharemO Share

How to connect an external mqtt client to an LXC Container / IOXClient in a IR809/IR829 router

To connect an external mqtt client (like MQTT.fx) to the mosquitto broker inside an Cisco LXCContainer/IOXClient.

 

  1. First enable the elevated mode in the Cisco router by typing "enable".
  2. Then we use the command "show ip int br" to see the configuration of the interfaces.
  3. The external HOST ip (192.168.118.17) and the internal ip (192.168.1.1) which is used for the Guest Operating System (GOS) and the LXC Container.

    C829_OpenBerlin#show ip int br
    Interface IP-Address OK? Method Status Protocol
    GigabitEthernet0 unassigned YES NVRAM down down
    wlan-ap0 unassigned YES NVRAM up up
    GigabitEthernet1 unassigned YES unset up up
    GigabitEthernet2 unassigned YES unset down down
    GigabitEthernet3 unassigned YES unset down down
    GigabitEthernet4 unassigned YES unset down down
    Wlan-GigabitEthernet0 unassigned YES unset up up
    Async0 unassigned YES unset up up
    Async1 unassigned YES unset down down
    GigabitEthernet5 192.168.1.1 YES NVRAM up up
    Cellular0 unassigned YES NVRAM up up
    CellNM7 unassigned YES unset down down
    NVI0 192.168.1.1 YES unset up up
    Vlan1 192.168.118.17 YES NVRAM up up
  4. To see the different ip addresses used for the GOS and the LXC Container, we use the command "sho ip arp | inc 192.168.1.1".
  5. Typically the first entry is the Cisco gateway itself, the second the GOS and the third the LXC Container.

    C829_OpenBerlin#sho ip arp | inc 192.168.1
    Internet 192.168.1.1 - ecbd.1dba.4b4c ARPA GigabitEthernet5
    Internet 192.168.1.3 2 0200.0190.8b05 ARPA GigabitEthernet5
    Internet 192.168.1.4 0 5254.dd79.d565 ARPA GigabitEthernet5
    Internet 192.168.112.1 0 0017.c56b.988b ARPA Vlan1
    Internet 192.168.115.5 0 6238.3031.3238 ARPA Vlan1
    Internet 192.168.117.50 0 f01f.af47.8738 ARPA Vlan1
    Internet 192.168.117.54 155 101f.74fc.40f0 ARPA Vlan1
    Internet 192.168.117.254 10 3235.6237.3937 ARPA Vlan1
    Internet 192.168.118.17 - ecbd.1dba.4b40 ARPA Vlan1
    Internet 192.168.118.18 - ecbd.1dba.4b40 ARPA Vlan1
    Internet 192.168.119.96 62 0800.273c.f693 ARPA Vlan1
    Internet 192.168.120.221 0 0003.2d10.517c ARPA Vlan1
    C829_OpenBerlin#
  6. Finally to access the internal network from the outside, we NAT the ip address of the LXC container to the internal network, via VLAN1 with the correct MQTT port (1883).

    C829_OpenBerlin#ip nat inside source static tcp 192.168.1.4 1883 interface Vlan1 1883
  7. Now we can connect to the MQTT broker with an external tool (MQTT.fx).