Docker Community Forums

Share and learn in the Docker community.

Docker image not receiving traffic via macvlan

I’m running docker on a Raspberry Pi and have several macvlan networks. I’m trying to run the PiHole docker image connecting to the existing macvlan network.

Host ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:de:5c:ff:65  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.28.9  netmask 255.255.255.0  broadcast 192.168.28.255
        inet6 fe80::3232:402d:aaf8:539d  prefixlen 64  scopeid 0x20<link>
        ether b8:27:eb:a3:9b:78  txqueuelen 1000  (Ethernet)
        RX packets 75102  bytes 14119174 (13.4 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 15305  bytes 3318336 (3.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0.66: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.66.9  netmask 255.255.255.0  broadcast 192.168.66.255
        inet6 fe80::771d:94bf:49bb:bf4  prefixlen 64  scopeid 0x20<link>
        ether b8:27:eb:a3:9b:78  txqueuelen 1000  (Ethernet)
        RX packets 9454  bytes 1326022 (1.2 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 9159  bytes 1659722 (1.5 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0.76: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.76.9  netmask 255.255.255.0  broadcast 192.168.76.255
        inet6 fe80::22b5:e86b:5a13:5f8f  prefixlen 64  scopeid 0x20<link>
        ether b8:27:eb:a3:9b:78  txqueuelen 1000  (Ethernet)
        RX packets 219  bytes 17586 (17.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 36  bytes 3508 (3.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 10  bytes 838 (838.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 10  bytes 838 (838.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
docker network ls
NETWORK ID     NAME         DRIVER    SCOPE
9d9a2e8c019c   bridge       bridge    local
dda7db02a0c4   host         host      local
e609ec5dd85c   macvlan-28   macvlan   local
d069d49a88d1   macvlan-66   macvlan   local
99fc39f0335b   macvlan-77   macvlan   local
9c251aacc00d   none         null      local
docker network inspect macvlan-66
[
    {
        "Name": "macvlan-66",
        "Id": "d069d49a88d1b5fd0804e57c96291b90ad0ff2d887eaea8adf751388239f919c",
        "Created": "2021-03-22T16:08:04.66937887Z",
        "Scope": "local",
        "Driver": "macvlan",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "192.168.66.0/24",
                    "IPRange": "192.168.66.192/27",
                    "Gateway": "192.168.66.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "148274f6cc52bb70011949879900f01be135d86dc63efc94e8f924d34fbd26c2": {
                "Name": "pihole",
                "EndpointID": "95c0e45f5f11625df47a63d921f96ea8eb9c75471b8f89d3dfcaa5bb7d8786fb",
                "MacAddress": "02:42:c0:a8:42:c0",
                "IPv4Address": "192.168.66.192/24",
                "IPv6Address": ""
            }
        },
        "Options": {
            "parent": "eth0.66"
        },
        "Labels": {}
    }
]
PiHole docker-compose.yaml
version: '3'

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    hostname: pihole
    # domainname:
    cap_add:
      - NET_ADMIN
    networks:
      macvlan-66:
        ipv4_address: 192.168.66.192
    volumes:
      - './etc-pihole/:/etc/pihole/'
      - './etc-dnsmasq.d/:/etc/dnsmasq.d/'
    dns:
      - 127.0.0.1
      - 185.37.37.37
      - 185.37.39.39
      - 8.8.8.8
      - 8.8.4.4
    ports:
      - "443/tcp"
      - "53/tcp"
      - "53/udp"
      - "67/udp"
      - "80/tcp"
    environment:
      TZ: 'Europe/London'
      ServerIP: 192.168.66.9         # <-- Update (match ipv4_address)
      # INTERFACE: eth
      # VIRTUAL_HOST:   # <-- Update (match hostname + domainname)
      # WEBPASSWORD: "password"                   # <-- Add password (if required)
    restart: unless-stopped

networks:
  macvlan-66:
    external: true

Running docker-compose runs fine, but when I visit the IP with a browser it won’t load. I can ping the IP successfully.

If I run a test httpd file, it runs fine and is accessible via a browser at the IP address.

httpd docker-compose.yaml
version: '3'

services:
  httpd:
    image: httpd:latest
    container_name: httpd    
    networks:
      - macvlan-66

networks:
  macvlan-66:
    external: true

There is obviously something wrong with my PiHole compose file but I can’t figure out what!

I’m running docker on a Raspberry Pi 3b (Raspbian buster), accessed via a docker SSH context from a MacBook Air (11.2.1).

docker version
Client: Docker Engine - Community
 Cloud integration: 1.0.9
 Version:           20.10.5
 API version:       1.41
 Go version:        go1.13.15
 Git commit:        55c4c88
 Built:             Tue Mar  2 20:13:00 2021
 OS/Arch:           darwin/amd64
 Context:           pi
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.5
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.13.15
  Git commit:       363e9a8
  Built:            Tue Mar  2 20:16:18 2021
  OS/Arch:          linux/arm
  Experimental:     false
 containerd:
  Version:          1.4.4
  GitCommit:        05f951a3781f4f2c1911b05e61c160e9c30eaa8e
 runc:
  Version:          1.0.0-rc93
  GitCommit:        12644e614e25b05da6fd08a38ffa0cfe1903fdec
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

The PiHole docker-compose.yaml is cribbed from https://hub.docker.com/r/pihole/pihole and http://tonylawrence.com/posts/unix/synology/free-your-synology-ports/ as linked in the PiHole documentation.