0

My goal is to make my Linux container live on the same LAN as the host and other devices, because I need to use nmap frequently to scan the devices' MAC addresses on the LAN. Unfortunately, the nmap scanning only works when these machines all live on the same subnet.

I've tried several ways to make it happen, but all failed. Although there are lots of instructions about how to do this, it seems like they are all for Docker for Linux.

For example, a very detailed set of instructions from Stack Overflow, Docker on CentOS with bridge to LAN network, also does not work for me.


Things I've tried:

Macvlan:

It seems like Docker for Windows 10 doesn't support macvlan, because I have no way to make a Windows network adapter the parent.

Pipework:

It only works on Linux systems, but I am using Windows 10.

Modify bip from daemon.json:

I tried this, which sets docker0 to a static IP, but the container is still not able to ping devices on the LAN. I guess it's because the container is placed behind NAT, and changing the docker0 bridge IP won't achieve my goal.

Run image with --net host:

With this, ifconfig shows:

docker0   Link encap:Ethernet  HWaddr 02:42:2d:b8:0b:7c
          inet addr:172.17.0.1  Bcast:172.17.255.255  Mask:255.255.0.0
          inet6 addr: fe80::42:2dff:feb8:b7c/64 Scope:Link
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:540 (540.0 B)

eth0      Link encap:Ethernet  HWaddr 02:50:00:00:00:01
          inet addr:192.168.65.3  Bcast:192.168.65.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:111 errors:0 dropped:0 overruns:0 frame:0
          TX packets:147 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:9701 (9.7 KB)  TX bytes:10384 (10.3 KB)

hvint0    Link encap:Ethernet  HWaddr 00:15:5d:0d:52:27
          inet addr:10.0.75.2  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::215:5dff:fe0d:5227/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:359819 errors:0 dropped:1303 overruns:0 frame:0
          TX packets:1157 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:54740692 (54.7 MB)  TX bytes:103676 (103.6 KB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:57 errors:0 dropped:0 overruns:0 frame:0
          TX packets:57 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1
          RX bytes:5732 (5.7 KB)  TX bytes:5732 (5.7 KB)

It's able to ping everything on my subnet, but the IP is still not from my subnet; it is 192.168.65.3.

Then I tried to change the eth0 IP to a static IP by editing /etc/network/interface.d/eth0. After restarting the networking service, the eth0 IP changed to a static IP from my subnet, but the network stopped working.

PLEASE let me know if anyone here knows how to place a Windows 10 Linux container on the same LAN as the host.


My Docker Version

Client:
 Version:      18.03.1-ce
 API version:  1.37
 Go version:   go1.9.5
 Git commit:   9ee9f40
 Built:        Thu Apr 26 07:12:48 2018
 OS/Arch:      windows/amd64
 Experimental: false
 Orchestrator: swarm

Server:
 Engine:
  Version:      18.03.1-ce
  API version:  1.37 (minimum version 1.12)
  Go version:   go1.9.5
  Git commit:   9ee9f40
  Built:        Thu Apr 26 07:22:38 2018
  OS/Arch:      linux/amd64
  Experimental: false
Pang
Timmy Lin
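
An added example, not part of the original post: nmap learns MAC addresses through ARP, which only reaches hosts on a directly attached subnet, so this script parses the address lines from the `ifconfig` output above and reports whether a target is on-link or only reachable through a router. The target `192.168.1.20` is a constructed LAN address and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample: the interface and address lines from the question's
# `ifconfig` output (packet counters and inet6 lines omitted).
SAMPLE_IFCONFIG = """\
docker0   Link encap:Ethernet  HWaddr 02:42:2d:b8:0b:7c
          inet addr:172.17.0.1  Bcast:172.17.255.255  Mask:255.255.0.0
eth0      Link encap:Ethernet  HWaddr 02:50:00:00:00:01
          inet addr:192.168.65.3  Bcast:192.168.65.255  Mask:255.255.255.0
hvint0    Link encap:Ethernet  HWaddr 00:15:5d:0d:52:27
          inet addr:10.0.75.2  Bcast:0.0.0.0  Mask:255.255.255.0
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
"""

IFACE_RE = re.compile(r"^(\S+)\s+Link encap:")
INET_RE = re.compile(r"inet addr:(\S+).*?Mask:(\S+)")


def attached_networks(ifconfig_text):
    """Map each interface name to its directly attached IPv4 network."""
    nets, current = {}, None
    for line in ifconfig_text.splitlines():
        m = IFACE_RE.match(line)
        if m:
            current = m.group(1)
            continue
        m = INET_RE.search(line)
        if m and current:
            # strict=False: the address carries host bits (e.g. .3 in a /24)
            nets[current] = ipaddress.ip_network(
                f"{m.group(1)}/{m.group(2)}", strict=False)
    return nets


def on_link_interface(ifconfig_text, target):
    """Return the interface whose subnet contains target, or None if routed."""
    addr = ipaddress.ip_address(target)
    for name, net in attached_networks(ifconfig_text).items():
        if addr in net:
            return name
    return None


if __name__ == "__main__":
    for target in ("192.168.1.20", "192.168.65.1"):  # constructed targets
        iface = on_link_interface(SAMPLE_IFCONFIG, target)
        print(target, "on-link via " + iface if iface else "routed: no ARP, no MAC")
```

A target that comes back as routed can still answer ping, which matches the behaviour described in the question, but its MAC address is not visible from the container.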

2 Answers

0

I had posted another question which has the same root cause as this question. Therefore, the same solution applies to both.

The solution is posted at DOCKER: Linux Container on Windows 10, how to use nmap to scan device's mac address

Timmy Lin
0

I'm still working on this, but your assertion that macvlan doesn't work on Windows 10 is incorrect. Using some of the instructions in the question you linked, I got a fairly functional macvlan network set up on Windows 10. I'm still wrestling with getting hosts on my network to be able to ping hosts on the macvlan network.

Here's what I did:

  1. In an admin PowerShell window: Set-NetIPInterface -ifindex <interface_index> -Forwarding Enabled setting (use Get-NetAdapter to get the list of network adapters and their ifindex numbers)
  2. docker network create routed0 --subnet 192.168.2.0/24 replacing 192.168.2.0/24 with the correct network number and netmask bits for the network you want to assign to the routed0 network

For me, this yielded a Docker network via which attached containers could successfully talk with internet hosts via the router for 192.168.1.0/24. However, I have yet to figure out how to configure the Windows 10 box acting as the gateway for 192.168.2.0/24 to actually act as a gateway (and do things like route ICMP requests from hosts on 1.0/24 to the Docker network 2.0/24 that it's hosting).

subpixel