Docker Community Forums


Docker Networking assistance please


(Aaron) #1

Issue Type: Docker Networking issue
OS: CentOS 7.5 (centos-release-7-5.1804.el7.centos.2.x86_64)
Docker Version 18.03.1-ce, build 9ee9f40
Issue Description:
The docker box is essentially on a Multi Homed box using MacVlan at the OS Level. Each NIC is DHCP with IP Reservations (This is done for Firewall assignments & routes). For the sake of keeping this short, I’ll just use eth0, eth1 and eth2 as the adapters. Each adapter has its own MAC address and the IP addressing is picked up properly as well as routing at the firewall. What I need is some containers to talk through bridging to eth0, others through bridging to eth1, and others through bridging to eth2.
Issue replication
The other device on the network is a simple web server that returns the ip being called from, much like “whatsmyip.org”, but all it returns is the IP. I will refer to it as myip.internal
I build a simple Alpine container with CURL and other DNS Utils with the below Dockerfile

# Dockerfile Network scanning
FROM alpine
# install bash and other stuff
RUN apk add --update --no-cache bind-tools bash gawk sed grep bc coreutils nano curl && mkdir /data && mkdir /app
# Copy Bash Script for doing DIGs and such
COPY findipdata findipdata
# And execute something so the container will start
CMD ["/bin/sh"]

and the findipdata that’s copied over

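#!/bin/bash
# Public (WAN) address as seen by OpenDNS
myip="$(dig +short myip.opendns.com @208.67.222.222)"
# Source address as reported by the internal "what is my IP" server
myINTip="$(curl myip.internal)"
# Reverse-resolve the internal address to a hostname
myhostname="$(dig +short -x "${myINTip}")"
echo "My WAN/Public ${myhostname} IP address: ${myip}" > "/data/${myhostname}.txt"
ifconfig >> "/data/${myhostname}.txt"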

I set up two networks to test with:

docker network create -o parent=eth1 Eth1_Net
docker network create -d macvlan -o parent=eth1 Eth1_Net2

And now I begin:

docker image build -t dockernettest .
docker run -it --name NetTest -v /opt/NetTest:/data --network="Eth1_Net" --rm dockernettest

and in the container I curl myip.internal, I expect to get the ip address 172.16.1.101 (Eth1’s ip) but I get Eth0’s ip of 172.16.1.100. I exit and spin up another container on the other docker network.

docker run -it --name NetTest -v /opt/NetTest:/data --network="Eth1_Net2" --rm dockernettest

and I get

/usr/bin/docker-current: Error response from daemon: failed to create the macvlan port: device or resource busy.

And I’m not sure where I can go from here… I know in the documentation for MacVlan, there are specified IP address “ranges” but I want that managed by the DHCP server unless it is a bridge and those specifications are on the docker side of the network, I’m not too sure on that one. I have other issues with my Dockerfile container with saving the file, and it being accessible outside of Docker but that is minor in comparison.

Thanks
Aaron

UPDATE: updated docker version - Still the same issue


(Aaron) #2

UPDATE: This is a multipart issue…

First, MacVLAN: while it partially worked, I needed to update the ARP broadcasting every time the machine rebooted, and I couldn’t find any details on how to fix that. When I did ARPING from another host to each of the assigned IPs, they all returned with a single MAC address. I needed to run the below commands to fix that

echo 1 >/proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 >/proc/sys/net/ipv4/conf/all/arp_announce
echo 2 >/proc/sys/net/ipv4/conf/all/rp_filter

and then ARPING worked, however a reboot clears these for some reason… and I needed the MACs to route correctly at boot, so I scrapped the project.

The workaround, which is not what I was hoping for, was to set up a multihost swarm, where one host was routed out the same way one of the MacVLANs was, and limit specific services to that swarm host only.

The second issue was that I was setting up my networks incorrectly…

So this issue I would say is CANCELED, it’s not resolved, but it’s no longer needed

And of course I’ve also updated to 18.06.1-ce, build e68fc7a
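
Values written with echo under /proc/sys change only the running kernel; settings meant to survive a reboot are normally kept in a file under /etc/sysctl.d. The script below is an added example, not part of the original posts: it compares the three values from post #2 against what is live and what is persisted. The function names, the `demo` sample tree and the file name `90-arp.conf` are constructed for illustration, and it assumes a single configuration directory is consulted.

```bash
# Added example, not from the thread. WANTED = the key=value pairs from post #2.
WANTED="net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2
net.ipv4.conf.all.rp_filter=2"

# Value currently live under <proc_root>/sys, or "unreadable".
runtime_value() {
    local path="$2/sys/$(printf '%s' "$1" | tr . /)"
    if [ -r "$path" ]; then cat "$path"; else echo unreadable; fi
}

# Last value for key $1 in <conf_dir>/*.conf (lexical order, later wins), or "unset".
persisted_value() {
    local key="$1" val=unset f line k
    for f in "$2"/*.conf; do
        [ -f "$f" ] || continue
        while IFS= read -r line || [ -n "$line" ]; do
            line=$(printf '%s' "$line" | tr -d ' \t')
            case "$line" in '#'*|';'*) continue ;; *=*) ;; *) continue ;; esac
            k=$(printf '%s' "${line%%=*}" | tr / .)
            if [ "$k" = "$key" ]; then val="${line#*=}"; fi
        done < "$f"
    done
    printf '%s\n' "$val"
}

# One line per key; returns 1 if any wanted value is not persisted.
audit() {
    local proc_root="${1:-/proc}" conf_dir="${2:-/etc/sysctl.d}" rc=0 e key want run per state
    for e in $WANTED; do
        key="${e%%=*}"; want="${e#*=}"
        run=$(runtime_value "$key" "$proc_root")
        per=$(persisted_value "$key" "$conf_dir")
        if [ "$per" = "$want" ]; then state=persisted
        elif [ "$run" = "$want" ]; then state=runtime-only; rc=1
        else state=not-applied; rc=1; fi
        printf '%s want=%s runtime=%s persisted=%s %s\n' "$key" "$want" "$run" "$per" "$state"
    done
    return $rc
}

# Constructed sample tree: all three values live, only rp_filter in a .conf file.
demo() {
    local t d rc=0; t=$(mktemp -d); d="$t/proc/sys/net/ipv4/conf/all"
    mkdir -p "$d" "$t/etc"
    echo 1 > "$d/arp_ignore"; echo 2 > "$d/arp_announce"; echo 2 > "$d/rp_filter"
    echo 'net.ipv4.conf.all.rp_filter = 2' > "$t/etc/90-arp.conf"
    audit "$t/proc" "$t/etc" || rc=$?; rm -rf "$t"; return $rc
}
```

Called with no arguments on a host, `audit` reads /proc and /etc/sysctl.d; every `runtime-only` line marks a value that is set now but not written to a configuration file.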