DevOps

Docker Standalone IP Configuration Guide - Macvlan and Pipework Implementation

Comprehensive guide for configuring independent IP addresses in Docker containers using Macvlan network driver and Pipework tool, including YAML examples and network communication constraints.

This article was published 620 days ago, some content may be outdated. If you have any questions, please leave a comment.

Macvlan

πŸ“ Note

Network drivers overview | Docker Docs

Macvlan network driver | Docker Docs

Certain applications, particularly legacy software or programs that monitor network traffic, require direct connections to the physical network. In such scenarios, you can utilize the macvlan network driver to assign each container’s virtual network interface a unique MAC address, making them appear as physical network interfaces directly attached to the physical network. This configuration requires specifying a physical interface on the Docker host for macvlan usage, along with defining the network’s subnet and gateway. You may also employ different physical network interfaces to isolate your macvlan networks.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

cat <<EOF > docker_network_macvlan.yaml
name: docker_network_macvlan
services:
  docker_network_macvlan:
    image: busybox
    container_name: docker_network_macvlan
    networks:
      macvlan_net:
        ipv4_address: 192.168.142.234  # Configure static IP
    privileged: true
    cap_add:
      - NET_ADMIN  # Add network privileges
    command: sleep infinity
    ports:
      - "17000:17000"

networks:
  macvlan_net:
    driver: macvlan  # Use macvlan network type
    # Macvlan networks allow containers to have MAC addresses, making them appear as physical devices on the network.
    # The Docker daemon can route traffic through container's MAC address.
    # Macvlan is often the best choice when dealing with legacy applications that expect direct physical network connection.
    driver_opts:
      parent: eno1  # Specify network interface
    ipam:
      config:
        - subnet: 192.168.142.0/24    # Subnet
          ip_range: 192.168.142.0/24  # IP range
          gateway: 192.168.142.1      # Gateway
EOF

1

docker-compose -f docker_network_macvlan.yaml up -d
πŸ“Œ Important

The container currently cannot communicate with the host machine (using eno1 NIC) or other containers.

Pipework

jpetazzo/pipework: Software-Defined Networking tools for LXC (LinuX Containers) (github.com)

1

sudo docker run -itd --name test ubuntu /bin/bash

1

sudo docker exec test ip addr show

The host machine’s network is 172.16.0.100. Configure the network for container “test” and connect it to bridge br0, where the address after @ represents the gateway:

1
2

sudo pipework br0 test 172.16.0.156/24@172.16.0.1
# ip addr add 172.16.0.254/24 dev br0

1
2
3
4
5

sudo ip addr add 172.16.0.100/24 dev br0; \
    sudo ip addr del 172.16.0.100/24 dev enp1s0; \
    sudo brctl addif br0 enp1s0; \
    sudo ip route del default; \
    sudo ip route add default via 172.16.0.1 dev br0
© 2019 - 2026 Kang's Blog
Facing the sea with spring blossoms.
Built with Hugo
Theme Stack designed by Jimmy