Related Articles
If you’re using Docker to manage your containers, you may have run into situations where you need to run multiple containers on the same host, each with its own IP address. This is where a macvlan network comes in handy. On this website, we use a macvlan network in all our tutorials and we highly recommend you do the same. In this tutorial, we’ll walk you through the process of creating a macvlan network in Docker, and show you the benefits of using this type of network.
A macvlan network is a type of network that allows you to assign a unique MAC address and IP address to each container in Docker. This means that each container in the network has its own identity and can communicate directly with other devices on the same network.
In simpler terms, a macvlan network enables you to create virtual network interfaces on your Docker host. These virtual interfaces act like physical network interfaces and can be assigned their own unique IP address and MAC address. This allows each container in the network to have its own network identity, which can be used to communicate with other devices on the same network.
A macvlan network in Docker provides several benefits, including:
Creating a macvlan network in Docker is very easy! We will create our new network in Docker using the macvlan driver. We’ll call it “mac_vlan_network”. Open your terminal and use the following command:
sudo docker network create -d macvlan \
--subnet 10.1.1.0/24 \
--gateway 10.1.1.1 \
-o parent=enp0s2 \
mac_vlan_network
This command creates a new network using the macvlan driver. We’ve specified:
Adjust these values as needed for your own network.
Now that we have created our macvlan network, we can easily connect containers to the network by specifying the network type during container setup. Here is a simple example:
docker run -it --name=webserver --network=mac_vlan_network --ip=10.1.1.10 nginx
It’s important to always specify an IP address when connecting a container to a macvlan network. If you don’t specify an IP address, Docker will act as a DHCP server and assign an IP address to your container. This can create IP conflicts in your network if you already have a DHCP server (which is usually the case).
version: '3'
services:
web:
image: nginx
container_name: nginx
networks:
mac_vlan_network:
ipv4_address: 10.1.1.10
networks:
mac_vlan_network:
external: true
IP Address Conflicts: If you don’t specify an IP address for your containers, Docker will act as a DHCP server and assign an IP address to your container. This can create IP conflicts in your network if you already have a DHCP server running.
A macvlan network is limited to the same subnet as the physical interface on your host. This means that if you want to connect to devices on a different subnet, you’ll need to set up routing between the two subnets.
Broadcast traffic is not supported on a macvlan network. This means that if you need to send broadcast traffic between containers, you’ll need to set up multicast routing.
Since each container in a macvlan network has its own MAC address, it’s possible for a container to spoof the MAC address of another device on your network. This can potentially lead to security issues.
By being aware of these issues and taking appropriate steps to mitigate them, you can ensure that your macvlan network is secure and functional.
If you found this tutorial helpful, please consider supporting us by buying us a coffee or making a small donation. Your contribution will help us continue to create easy-to-follow tutorials, so you can effortlessly set up your own homelab! Thank you for your support.