MACVLAN: The Ultimate Guide to Virtual Network Interfaces for Linux
August 7th, 2024 8:37 AM Mr. Q Categories: Docker
A MACVLAN is a virtual network interface that allows multiple virtual machines or containers to share the same physical network interface. This can be useful in several ways:
- Resource allocation: By using a MACVLAN, you can allocate resources (e.g., IP addresses and netmasks) more efficiently than with traditional bridge networking. This is because the MACVLAN allows you to use the same physical network interface for multiple virtual machines or containers, reducing the number of interfaces needed.
- Security: By using a MACVLAN, you can implement security policies (e.g., access control lists) more easily than with traditional bridge networking. This is because the MACVLAN allows you to use the same physical network interface for multiple virtual machines or containers, making it easier to enforce security policies at the interface level.
- Scalability: By using a MACVLAN, you can scale your virtualization environment more easily than with traditional bridge networking. This is because the MACVLAN allows you to use the same physical network interface for multiple virtual machines or containers, reducing the number of interfaces needed and making it easier to add new virtual machines or containers as needed.
- Ease of use: A MACVLAN simplifies your network configuration by letting you create multiple virtual machines or containers on top of the same physical interface. This makes it easier to manage and maintain your network infrastructure.
To create a Docker MACVLAN network, you can use the following command:
docker network create -d macvlan --subnet=192.168.0.0/24 my-macvlan-network
This will create a new Docker network called my-macvlan-network that uses the MACVLAN driver and has a subnet of 192.168.0.0/24. You can then use this network to connect your containers to the physical network using the --net flag, like this:
docker run -it --net my-macvlan-network alpine ash
This will create a new container and attach it to the my-macvlan-network network. You can then use this network to communicate with other containers or hosts on the physical network.
You can also specify additional options when creating the MACVLAN network, such as the name of the interface to use for the MACVLAN driver, by using the --opt flag followed by the option and its value. For example:
docker network create -d macvlan --subnet=192.168.0.0/24 --opt parent=eth0 my-macvlan-network
This will use the eth0 interface for the MACVLAN driver and attach the my-macvlan-network network to it.
You can also use the --label flag to add a label to the network, which can be useful for organizing your networks. For example:
docker network create -d macvlan --subnet=192.168.0.0/24 --opt parent=eth0 --label my-macvlan-network my-macvlan-network
This will create a new Docker network with the label my-macvlan-network and attach it to the eth0 interface using the MACVLAN driver.
sudo docker network create -d macvlan \
--subnet=192.168.1.0/24 \
--gateway=192.168.1.1 \
-o parent=ovs_bond0 pub_net
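When reviewing a host, the settings from the commands above that matter most are the parent interface and the address pool each MACVLAN network may hand out. The following Python audit is an added example, not part of the original post: it reads JSON in the shape of docker network inspect output (the sample below, including the lab_net network and its IPRange, is constructed) and flags MACVLAN networks with no parent or no restricted IP range.

```python
import ipaddress
import json

# Constructed sample in the shape of `docker network inspect` output (not from the page).
SAMPLE_INSPECT = """
[
  {"Name": "my-macvlan-network", "Driver": "macvlan", "Options": {},
   "IPAM": {"Config": [{"Subnet": "192.168.0.0/24"}]}},
  {"Name": "pub_net", "Driver": "macvlan", "Options": {"parent": "ovs_bond0"},
   "IPAM": {"Config": [{"Subnet": "192.168.1.0/24", "Gateway": "192.168.1.1"}]}},
  {"Name": "lab_net", "Driver": "macvlan", "Options": {"parent": "eth0"},
   "IPAM": {"Config": [{"Subnet": "192.168.2.0/24", "Gateway": "192.168.2.1",
                        "IPRange": "192.168.2.192/27"}]}},
  {"Name": "bridge", "Driver": "bridge", "Options": {},
   "IPAM": {"Config": [{"Subnet": "172.17.0.0/16", "Gateway": "172.17.0.1"}]}}
]
"""

def audit_macvlan(inspect_json):
    """Return {network name: [findings]} for every macvlan network."""
    report = {}
    for net in json.loads(inspect_json):
        if net.get("Driver") != "macvlan":
            continue
        findings = []
        # Without -o parent=..., Docker's macvlan driver falls back to a dummy
        # link, so containers are not placed on a physical interface.
        if not (net.get("Options") or {}).get("parent"):
            findings.append("no parent interface: dummy link, not a physical NIC")
        for cfg in (net.get("IPAM") or {}).get("Config") or []:
            subnet = ipaddress.ip_network(cfg["Subnet"], strict=False)
            ip_range = cfg.get("IPRange")
            if not ip_range:
                # Docker may assign any address in the subnet, including ones
                # already used by other hosts on the same LAN.
                findings.append(f"no IPRange: any address in {subnet} may be assigned")
            else:
                rng = ipaddress.ip_network(ip_range, strict=False)
                if rng.version != subnet.version or not rng.subnet_of(subnet):
                    findings.append(f"IPRange {rng} is outside {subnet}")
        report[net["Name"]] = findings
    return report

if __name__ == "__main__":
    for name, findings in audit_macvlan(SAMPLE_INSPECT).items():
        print(name, "->", findings or "ok")
```

On a live host, pass the output of docker network inspect $(docker network ls -q) to audit_macvlan in place of the sample.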