This is concerning my other topic How to assign public IP address to Docker container, so that I can access them on my network?
I discovered that if I want my containers available directly on our network, I need to enable promiscuous mode on the virtual switch (on vmware esxi). Then creating docker network using macvlan driver I was able to achieve that. But I don’t want to enable promiscuous mode on switch, when there is a lot of other virtual machines.
My question is, why the macvlan driver does not work without the promiscuous mode?

This is my understanding:
In macvlan, a single interface has multiple ip and mac. With promiscuous mode, we are allowing packets that are not just destined to the single mac address allocated to the interface. The macvlan intelligence is at higher layer and not at virtual switch, so we need to enable promiscuous mode to allow packets destined to other mac.

That makes sense, thanks! I am no network specialist, so I am trying to understand it as much as possible.