Hello Community

I want to create 3 IPVLAN Mode L3 network instances on my Docker host:

172.16.101.16/28 => Name: network1
172.16.101.32/28 => Name: network2
172.16.101.45/28 => Name: network3

In order for the network instance to reach the GW and thus IP addresses outside the network instance, I have to specify the parent interface when creating the instance. Otherwise it won’t work.

Example:

docker network create -d ipvlan \
--subnet 172.16.101.16/28 \
-o parent=eno1 -o ipvlan_mode=l3 \
network1

If I create this one network instance, everything works.

The problem is that I can’t create another network instance. For example, this one:

docker network create -d ipvlan \
--subnet 172.16.101.32/28 \
-o parent=eno1 -o ipvlan_mode=l3 \
network2

When I try to create the second network instance, I get this error message:

Error response from daemon: network di-0be9895ca25b is already using parent interface eno1

What would work would be this:

docker network create -d ipvlan \
--subnet 172.16.101.16/28 \
-o parent=eno1 -o ipvlan_mode=l3 \
--subnet 172.16.101.32/28 \
--subnet 172.16.101.48/28 \
network1

But then everything runs under the same network instance and I can’t separate the networks by apps. If it doesn’t work on the CLI, then it won’t work in Docker Compose files either. But it should actually work. Because you can create different network instances if it’s not IPVLAN L3.

Does anyone have experience with that?

Here is a limitation in Docker regarding IPVLAN L3 that was improved for MACVLANs in version 27.0. It is not possible to create multiple network instances for different apps in different Docker Compose files. IPVLAN L3 Driver Bug or How Does It Work? · moby/moby · Discussion #48051 · GitHub

If you are affected by this limitation, please add the comment “me too” to this thread. With this improvement, Docker will unfold its full IPVLAN L3 potential.

Weniger anzeigen