Hello, I just generated a MACVLAN to use with my containers. With the approach presented here, even though it apparently worked, there were a lot of packets blocked in pfSense due to asymmetric routing (basically, Host → HA packets were routed locally, but HA → HOST was going through pfSense).
    sudo ip route add 192.168.40.208/28 via 192.168.50.1 dev eno1

As can be seen, I have set a VLAN “40” for Home Assistant, the interface I expected to provide the response was “eno1” and the gateway IP of it was “192.168.50.1” (tagged in the switch with VLAN 50).

Also, I use pfSense for the routing and firewall, so inside it, I created allow rules for the traffic between HOST and the containers using macvlan.

Basically what I observed in my case was that the MACVLAN container could reach the HOST, but the HOST did not know how to route the response back to the container. As such, I added the above static route to instruct on how to route the packets.
If you generate a MACVLAN and assign a unique address to your container, it will become a standalone device on your network. It can also communicate with other devices on the network without any problems.

But be careful: It can no longer communicate with the Docker host, because the host network and possible MACVLANs or other Docker networks are decoupled.

For this you have to set up a loopback and tell your host machine how to communicate with your macvlan containers.

This is a configuration example for docker macvlan with host connection, how I did it:

    docker network create -d macvlan -o parent=eno1 \

    ip link add mynet-shim link eno1 type macvlan mode bridge

The first command generates a Docker MACVLAN with the reserved IP address 192.168.178.223, so that it is not used by Docker when creating containers.
The second command generates a MACVLAN interface named mynet-shim on the Docker host.
The third and fourth commands assign the host MACVLAN interface the previously reserved IP address and start it.
The fifth command tells the host how to use that interface when communicating with the containers.

These were only the commands with which you can create your docker network and tell your host how to communicate with your macvlan containers.

You can then set the IP address of your Homeassistant container, for example in your docker-compose.yaml.

    srv/dev-disk-by-id-ata-ST32000542AS_5XW2HFG7/data/docker_data/homeassistant:/config

I have assigned two networks to my Homeassistant container: the previously created MACVLAN and a proxy network for Traefik.
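The five-command host shim setup described in the macvlan post, as an added example that is not part of the original posts: the script prints the commands by default and runs them only with APPLY=1. The names eno1 and mynet-shim and the address 192.168.178.223 come from the post; the subnet, gateway, container range and the network name mynet are assumptions.

```sh
#!/bin/sh
# Added example. eno1, mynet-shim and 192.168.178.223 come from the post;
# every other value below is an assumption chosen for illustration.
PARENT=eno1
SHIM=mynet-shim
SHIM_IP=192.168.178.223
SUBNET=192.168.178.0/24        # assumed LAN subnet
GATEWAY=192.168.178.1          # assumed LAN gateway
IP_RANGE=192.168.178.192/27    # assumed slice Docker may hand to containers
NET=mynet                      # assumed Docker network name

ip2int() {  # dotted quad -> integer
  old_ifs=$IFS; IFS=.
  set -- $1
  IFS=$old_ifs
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

in_cidr() {  # in_cidr ADDR PREFIX/LEN: succeeds if ADDR lies inside the prefix
  len=${2#*/}
  mask=$(( (4294967295 << (32 - $len)) & 4294967295 ))
  [ $(( $(ip2int "$1") & $mask )) -eq $(( $(ip2int "${2%/*}") & $mask )) ]
}

# Print each command; execute it instead when APPLY=1 (needs root and Docker).
run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi; }

setup_shim() {
  # Refuse a plan whose shim address or container range is outside the LAN.
  in_cidr "$SHIM_IP" "$SUBNET" || { echo "shim IP not in $SUBNET" >&2; return 1; }
  in_cidr "${IP_RANGE%/*}" "$SUBNET" || { echo "range not in $SUBNET" >&2; return 1; }
  # 1: macvlan network; --aux-address reserves the shim IP so Docker skips it
  run docker network create -d macvlan -o parent="$PARENT" \
    --subnet "$SUBNET" --gateway "$GATEWAY" --ip-range "$IP_RANGE" \
    --aux-address "host=$SHIM_IP" "$NET" || return
  # 2: host-side macvlan interface on the same parent NIC
  run ip link add "$SHIM" link "$PARENT" type macvlan mode bridge || return
  # 3 and 4: assign the reserved address and bring the interface up
  run ip addr add "$SHIM_IP/32" dev "$SHIM" || return
  run ip link set "$SHIM" up || return
  # 5: route the container range through the shim instead of the parent NIC
  run ip route add "$IP_RANGE" dev "$SHIM"
}

setup_shim
```

The ip commands do not survive a reboot, so the shim interface and its route have to be recreated at boot.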