loxilb - How to build/run

1. Right from code (difficult)

  • Install GoLang > v1.17
wget https://go.dev/dl/go1.19.linux-amd64.tar.gz && sudo tar -xzf go1.19.linux-amd64.tar.gz --directory /usr/local/
export PATH="${PATH}:/usr/local/go/bin"
  • Install standard packages
sudo apt install -y clang llvm libelf-dev gcc-multilib libpcap-dev vim net-tools linux-tools-$(uname -r) elfutils dwarves git libbsd-dev bridge-utils wget unzip build-essential bison flex iproute2

For Ubuntu 22.04 users:

sudo apt install -y clang-13
  • Build custom iproute2 package. (loxilb requires a special version of iproute2 tool for its operation. The customized repository can be found here. loxilb needs some patches to iproute's tc module to properly load/unload its ebpf modules
git clone https://github.com/loxilb-io/iproute2.git
cd iproute2
cd libbpf/src/
mkdir build
DESTDIR=build make install
cd ../../
export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:`pwd`/libbpf/src/
LIBBPF_FORCE=on LIBBPF_DIR=`pwd`/libbpf/src/build ./configure
sudo cp -f tc/tc /usr/local/sbin/ntc
  • Build and run loxilb
git clone --recurse-submodules https://github.com/loxilb-io/loxilb.git
cd loxilb
cd loxilb-ebpf/libbpf/src
sudo make install
cd -
sudo mkdir -p /opt/loxilb/cert/
sudo cp api/certification/server.* /opt/loxilb/cert/
sudo ./loxilb 
  • Build and use loxicmd
git clone https://github.com/loxilb-io/loxicmd.git
cd loxicmd
go get .
sudo cp -f loxicmd /usr/local/sbin/

loxicmd usage guide can be found here

2. From docker (easy)

Get the loxilb official docker image

  • Latest dev image (possibly unstable)
docker pull ghcr.io/loxilb-io/loxilb:latest
  • Latest Ubuntu 22.04 image
docker pull ghcr.io/loxilb-io/loxilb:latestu22
  • Stable Image
docker pull ghcr.io/loxilb-io/loxilb:v0.8.8

To run loxilb docker, we can use the following commands :

docker run -u root --cap-add SYS_ADMIN   --restart unless-stopped --privileged -dit -v /dev/log:/dev/log --name loxilb ghcr.io/loxilb-io/loxilb:latest

To drop in to a shell of loxilb doker :

docker exec -it loxilb bash

For load-balancing to effectively work in a bare-metal environment, we need multiple interfaces assigned to the docker (external and internal connectivitiy)

loxilb docker relies on docker's macvlan driver for achieving this. The following is an example of creating macvlan network and using with loxilb

# Create a mac-vlan (on an underlying interface e.g. enp0s3).
# Subnet used for mac-vlan is usually the same as underlying interface
docker network create -d macvlan -o parent=enp0s3   --subnet   --gateway --aux-address 'host=’ llbnet

# Run loxilb docker with the created macvlan 
docker run -u root --cap-add SYS_ADMIN   --restart unless-stopped --privileged -dit -v /dev/log:/dev/log --net=llbnet --ip= --name loxilb ghcr.io/loxilb-io/loxilb:latest

# If we still want to connect loxilb docker additionally to docker's default "bridge" network or more macvlan networks
docker network connect bridge loxilb
docker network connect llbnet2 loxilb --ip=


  • While working with macvlan interfaces, the parent/underlying interface should be put in promiscous mode
  • One can further use docker-compose to automate attaching multiple networks to loxilb docker or use --net=host as per requirement
  • To create a simple and self-contained topology for testing loxilb, users can follow this guide
  • If loxilb docker is in the same node as the app/workload docker, it is advised that "tx checksum offload" inside app/workload docker is turned off for sctp load-balancing to work properly
docker exec -dt <app-docker-name> ethtool -K <app-docker-interface> tx off

3. Running in Kubernetes

  • For running in K8s environment, kindly follow kube-loxilb guide