Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docker-dhcpd and macvlan interfaces #25

Open
rostchri opened this issue Mar 11, 2020 · 1 comment
Open

docker-dhcpd and macvlan interfaces #25

rostchri opened this issue Mar 11, 2020 · 1 comment
Labels
enhancement help wanted

Comments

@rostchri
Copy link

The following information is useful for everybody who is using macvlan-interfaces and dhcpd ...

To get network-boot/docker-dhcpd working with macvlan-interfaces in a setup like this:

    version: "3"
    networks:
       macvlan-network1:
         external:
             name: macvlan-network1
       macvlan-network2:
         external:
             name: macvlan-network2
       macvlan-network3:
         external:
             name: macvlan-network3
    services:
      dhcpd:
        cap_add:
        - NET_ADMIN
        container_name: dhcpd
        hostname: dhcpd
        image: networkboot/dhcpd:latest
        networks:
            macvlan-network1:
                aliases:
                - dhcpd_network1
                ipv4_address: 10.0.0.7
            macvlan-network2:
                aliases:
                - dhcpd_network2
                ipv4_address: 10.1.0.7
            macvlan-network3:
                aliases:
                - dhcpd_network3
                ipv4_address: 192.168.132.7

the entrypoint.sh script should be extended by:

for i in /sys/class/net/eth*
do 
  echo "### Enabling promiscous mode for network-interface $${i##*/net/}"
  ip link set $${i##*/net/} promisc on || ifconfig $${i##*/net/} promisc
done

I don't know exactly why this is needed for macvlan, but with promiscuous-mode enabled interfaces, the dhcpd works fine in the above setup. Without promisc-mode, the dhcpd is not answering to broadcast-requests at all. To get the interfaces in the promisc-mode NET_ADMIN-capability is needed and the docker-image should be extended by iproute2 (ip-command) or net-tools (ifconfig-command). Maybe together with an environment-variable which signalize
entrypoint.sh to put the interfaces in promiscuous mode ...

At least this case should be mentioned in the documentation ...
@rostchri rostchri changed the title doecker-dhcpd and macvlan interfaces docker-dhcpd and macvlan interfaces Mar 11, 2020
@robinsmidsrod
Copy link
Contributor

@rostchri This is not a bad idea, but I think it would be beneficial if this is an optional feature to enable, possibly with an environment variable. I'm thinking maybe setting PROMISC=1 would be a decent way of turning it on. Alternatively, the network interface glob to enable promiscious mode for should be in the environment variable, e.g. PROMISC=eth*.

Could you try to supply a PR with these things in mind?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@robinsmidsrod @rostchri