Docker Community Forums

Share and learn in the Docker community.

Assign multiple IPs to same docker container using macvlan

Hi All,
I am not sure, if it is possible, but still want to double check.
I have currently 2 networks created using macvlan running over my synology. These networks are physically seprated and completely isolated. So device on one network can not communicate to other.

    root@syno:/# docker network ls
    NETWORK ID      NAME               DRIVER              SCOPE
    12434567        priNet             macvlan             local
    76543210        secNet             macvlan             local

I am using these networks as my primary home network and other for my smart home devices. I am able to attach any docker container to any one of them. However, now I would like to attach some containers to both of them.
So I updated my docker-compose to attach container to both networks.

    version: "3.7"
        image: someImage:latest
          TZ: 'Europe/Berlin'
           - /etc/localtime:/etc/localtime:ro
        restart: always
        external: true
        name: priNet
        external: true
        name: secNet

After running this docker compose file, I get following error

level=fatal msg=\\\\\\\"failed to add interface dockerb21a0fc to sandbox: error setting interface \\\\\\\\\\\\\\\"dockerb21a0fc\\\\\\\\\\\\\\\" IP to cannot program address in sandbox interface because it conflicts with existing route {Ifindex: 194 Dst: Src: Gw: <nil> Flags: [] Table: 254}\\\\\\\"\\\\n\\\"\"": unknown

Do you think if what I am doing is right way to do it ? Or is it even technically possible ? I am also fine to achive same thing by some other way…

Many thanks for your all of your suggestions…

As an interim answer to my question. It is possible to do this by making two changes:

  1. Add --cap-add=NET_ADMIN to the create command, e.g.

docker create
–network pub_net
-h mycontainer
–name mycontainer
2) Skip step 3 and add the ip address within the docker container:

docker start mycontainer mycontainer docker attach mycontainer
/ # ip a a dev eth0
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
10: eth0@if2: <NO-CARRIER,BROADCAST,MULTICAST,UP,M-DOWN> mtu 1500 qdisc noqueue state LOWERLAYERDOWN
link/ether 02:42:c0:a8:c8:03 brd ff:ff:ff:ff:ff:ff
inet scope global eth0
valid_lft forever preferred_lft forever
inet scope global secondary eth0
valid_lft forever preferred_lft forever
/ #
This works, as I can now ping and access the same container via either IP.

However, the caveat is that the IPs must be manually managed. Only the original IP in the create command shows up in docker network inspect