On my CentOS 7.6 (kernel 3.10.0-957.1.3, docker 1.13.1-88-git07f3373), I want to implement this network configuration with Docker.
I want to have an external system that can communicate only with a dedicated container hosted on the CentOS.
I have the external system connected to port 5 of a switch, in VLAN 5.
I have the CentOS server connected to port 1 of the switch; this port is in trunk mode (802.1q).
On the CentOS server I have these interfaces:
eth1: physical interface connected to the switch trunk (802.1q), with no IP.
eth1.5: with no IP, for the 802.1q.
veth1.5: interface of the container, with no IP.
virbr1.5: a bridge with eth1.5 and veth1.5.
The container has the IP.
I have arptables and iptables rules applied on the bridge interfaces, to authorise only the external system to communicate with the container.
How can I implement this with Docker?