docker-dhcpd and macvlan interfaces

Open rostchri opened this issue 5 years ago • 1 comments

The following information is useful for everybody who is using macvlan-interfaces and dhcpd ...

To get network-boot/docker-dhcpd working with macvlan-interfaces in a setup like this:

    version: "3"
    networks:
       macvlan-network1:
         external:
             name: macvlan-network1
       macvlan-network2:
         external:
             name: macvlan-network2
       macvlan-network3:
         external:
             name: macvlan-network3
    services:
      dhcpd:
        cap_add:
        - NET_ADMIN
        container_name: dhcpd
        hostname: dhcpd
        image: networkboot/dhcpd:latest
        networks:
            macvlan-network1:
                aliases:
                - dhcpd_network1
                ipv4_address: 10.0.0.7
            macvlan-network2:
                aliases:
                - dhcpd_network2
                ipv4_address: 10.1.0.7
            macvlan-network3:
                aliases:
                - dhcpd_network3
                ipv4_address: 192.168.132.7

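The entrypoint.sh script should be extended by:

    # Enable promiscuous mode on every eth* interface in the container.
    # (Inside a docker-compose.yml string, write $$ instead of $.)
    for i in /sys/class/net/eth*
    do
      iface="${i##*/net/}"
      echo "### Enabling promiscuous mode for network-interface $iface"
      ip link set "$iface" promisc on || ifconfig "$iface" promisc
    done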

I don't know exactly why this is needed for macvlan, but with promiscuous-mode-enabled interfaces, dhcpd works fine in the above setup. Without promisc mode, dhcpd does not answer broadcast requests at all. To put the interfaces into promisc mode, the NET_ADMIN capability is needed, and the Docker image should be extended with iproute2 (ip command) or net-tools (ifconfig command). Maybe together with an environment variable that signals entrypoint.sh to put the interfaces in promiscuous mode ...

At least this case should be mentioned in the documentation ...

rostchri, Mar 11 '20 17:03

@rostchri This is not a bad idea, but I think it would be beneficial if this is an optional feature to enable, possibly with an environment variable. I'm thinking maybe setting PROMISC=1 would be a decent way of turning it on. Alternatively, the network interface glob to enable promiscuous mode for should be in the environment variable, e.g. PROMISC=eth*.

Could you try to supply a PR with these things in mind?

robinsmidsrod, Mar 30 '20 07:03
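
The opt-in switch discussed in the thread above, sketched as an entrypoint fragment that keeps promiscuous mode off unless `PROMISC` is set and limits it to the matched interfaces. This is an added example, not code from the project or from either commenter: `PROMISC` is the name proposed in the reply, while `SYSFS_NET`, `promisc_targets`, `enable_promisc` and the character allow-list are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the project's entrypoint.sh.
# SYSFS_NET is a hypothetical override so the selection logic can be tested.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# Print the interfaces selected by PROMISC, one per line.
#   unset / empty / 0 -> nothing (promiscuous mode stays off by default)
#   1                 -> eth*
#   anything else     -> interface glob, e.g. eth* or eth1
promisc_targets() {
  case "${PROMISC:-0}" in
    0) return 0 ;;
    1) pattern='eth*' ;;
    *) pattern="$PROMISC" ;;
  esac
  # Allow-list (assumption): letters, digits, '_', '.', '-', '*' and '?' only,
  # so a value containing '/', ';', '$' or whitespace is rejected outright.
  case "$pattern" in
    *[!A-Za-z0-9_.*?-]*)
      echo "invalid PROMISC value: $pattern" >&2
      return 1 ;;
  esac
  for path in "$SYSFS_NET"/*; do
    [ -e "$path" ] || continue
    name="${path##*/}"
    # An unquoted variable in a case arm is matched as a glob against $name;
    # it is not expanded against the filesystem and never executed.
    case "$name" in
      $pattern) echo "$name" ;;
    esac
  done
}

# Requires the NET_ADMIN capability and iproute2 or net-tools in the image.
enable_promisc() {
  targets="$(promisc_targets)" || return 1
  for iface in $targets; do
    echo "### Enabling promiscuous mode for network-interface $iface"
    ip link set "$iface" promisc on || ifconfig "$iface" promisc || return 1
  done
}

# No-op unless PROMISC is set; run this before starting dhcpd.
enable_promisc || exit 1
```
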