3

I'm running Docker containers on a host (A) which is in a local network and gets its IP address from the WLAN router via DHCP. I'd like to access the docker containers via IP address from another host (B) which is in the same local network. I've configured a macvlan docker network in my docker compose file. However if I scan the network for IP addresses with e.g. nmap -sP XXX.XXX.XXX.0/24 with XXX.XXX.XXX as subnet mask I don't find new IP addresses. In general: Do I have to consider something special in case I create a setup like this?

Reference to a similar, simplifying question on forums.docker.com.

thinwybk
  • 4,193
  • 2
  • 40
  • 76
  • You should be able to start containers using the ordinary `docker run -p` option and reach them via the published port and the host's IP address. The container-private IP addresses are usually an implementation detail that you don't need to worry about. – David Maze Jul 22 '20 at 17:44
  • I've created a custom macvlan with `docker network create -d macvlan -o parent= --subnet=192.168.178.0/24 --gateway=192.168.178.1 custom_macvlan` and linked from the physical to the virtual one with `sudo ip link add custom_macvlan link type macvlan mode bridge`. The appcation is accessible on the host which runs docker. But not from another host. – thinwybk Jul 23 '20 at 12:37
  • @DavidMaze Isn't it the case when using network mode `host` only? In case of default `bridge` network mode the ip range is `"Subnet": "172.17.0.0/16"` (`docker inspect bridge0`). To assign a custom ip range you can either modify the default bridge0 network or create a new one. When using `bridge` network mode you have to [modify the host machines kernel and iptable to enable forwarning](https://docs.docker.com/network/bridge/#enable-forwarding-from-docker-containers-to-the-outside-world). Instead you can use a `macvlan` to allow docker container access via ip address. – thinwybk Jul 27 '20 at 06:59

1 Answers1

4

Macvlan does not generally work over wireless interfaces. It just took me hours to discover that, as it is nowhere mentioned in most macvlan documentation. See: http://hicu.be/macvlan-vs-ipvlan

From my understanding, access points don't like getting packets from MAC addresses that haven't previously authenticated with them.

ipvlan L2 works, just replace the macvlan driver with ipvlan and specify ipvlan_mode: 2 under driver_opts.

jsc
  • 156
  • 1
  • 3
  • please, you could share example of file docker-compose that be using ipvalan working with access ip external ex: 192.168.0.10 – jonathasborges1 Jul 26 '22 at 23:40
  • 1
    Here's a (temporary) link to a docker-compose file that creates an ipvlan link. I couldn't figure out how to format it into a comment. https://www.dropbox.com/s/89mwzvors3of9k7/docker-compose.yml?dl=0 – jsc Jul 27 '22 at 21:49
  • 1
    hello @jsc thank by share, I am try work my wordpress app with ipv4 192.168.0.x - but without sucess =( I am has create gist with docker-compose example , maybe someone help me - https://gist.github.com/jonathasborges1/7cd22d890c28ca1b4e45a4efdc2584cb – jonathasborges1 Jul 28 '22 at 15:08