Docker networking without IP addresses (for SDN)

General
1

I want to use docker for some experiments with software-defined networking, running emulators (which use pcap in promiscuous mode with their own IP stack) and the like. For this I need to connect containers to one or more bridge(s) without assigning them an IP address and gateway.

I understand that I can use pipework (https://github.com/jpetazzo/pipework) for this, but I was wondering if there’s a native solution in Docker that I’m missing, as it would massively simplify the cleanup/teardown operation in my scripts, for example

thanks
-Michael

2

You may be able to write your own network driver.

3

Hi Nathan,

I don’t think that a network driver will work since the network plugin will always expect (and receive from docker) an IP address and gateway specification as part of the API (see here under “create network”: https://github.com/docker/libnetwork/blob/master/docs/remote.md)

If it would be possible to omit the IP address somehow, then the regular docker bridges would already work just fine for my purposes, but as far as I know is that you cannot omit layer 3 configuration when creating a network. If I’m wrong, please point me in the right direction

4

Ah, too bad. Unfortunately I think this one’s a bit above my weight class, but @mavenugo might have some ideas.

5

Yes. With the current plugin specification, it isnt possible to omit IP Address. But with 1.11, we introduced a concept of --ipam-driver=nil. This will let the network plugin control the fate of container’s ip-address. I haven’t tried the case when the plugin deliberately omit the ip-address/gateway.

6

Any news on this topic?
I really would like to be able to connect containers using pure L2 bridging/switching.
I tried to use the ipam “null” driver but the network driver complains about empty ipv4 pool.

7

Listen to this

8

Hi, little late on chiming in on this, but I just got a random notification, so I wanted to throw out a couple of examples if they help.

Example 1:

docker network create -d macvlan \
    --subnet=192.168.1.0/24 \
    --gateway=192.168.1.1  \
    -o parent=eth1 mcv1

    docker run --net=mcv1 -it --ip=192.168.1.50 --rm alpine /bin/sh

Example 2 (more complex options):

docker network create -d macvlan  \
  --subnet=192.168.136.0/24 --subnet=192.168.138.0/24  \
  --subnet=fd11::/64  \
  --aux-address="exclude1=fd11::2" \
  --aux-address="exclude2=192.168.136.2" \
  --aux-address="exclude3=192.168.138.2" \
  --ip-range=192.168.136.0/25 \
  --ip-range=192.168.138.0/25 \
  -o host_iface=eth0.131 \
  -o macvlan_mode=bridge macnet131

# Start containers on the network
docker run --net=macnet131 -itd alpine /bin/sh
docker run --net=macnet131 --ip=192.168.136.10 --ip6=fd11::10 -itd alpine /bin/sh
docker run --net=macnet131 --ip6=fd11::11 -itd alpine /bin/sh

docker rm -f `docker ps -qa`

docker run --net=macnet131 -itd alpine /bin/sh
docker run --net=macnet131 --ip=192.168.136.10 --ip6=fd11::10 -itd alpine /bin/sh
docker run --net=macnet131 --ip6=fd11::11 -itd alpine /bin/sh

Thanks!