So I have these in my /etc/network/interfaces:

# The macvlan network subinterface
auto mac0
iface mac0 inet manual
pre-up ip link add mac0 link enp1s0 type macvlan mode bridge
pre-up ip addr add 192.168.20.110/32 dev mac0
post-up ip route add 192.168.20.96/28 dev mac0
post-down ip link del mac0 link enp1s0 type macvlan mode bridge

I'm doing this because I use macvlan in some of my docker containers for them to have their own IP's (in the same subnet) while on a single physical host. However, without the mac0 interface in the host, it won't reach the docker containers. This is explained here.

Everything is working well except that sometimes packets coming from the same physical host use the macvlan interface IP (192.168.20.110) instead of its actual enp1s0 interface IP (192.168.20.22). That makes sense because it's sharing the same interface and has essentially two IP's with the same MAC address.

However, without actually assigning an IP address on the mac0 interface, sometimes my whole networks gets bogged down when traffic from one of the docker containers using the docker macvlan network gets initiated.

So my question is how do I stop the host from using the mac0 interface IP as source IP when it is initiating traffic out the physical network?

Anybody?

BUMP!

BUMP!

Hi, I found your post really inspiring, thanks. I used little bit modified version - it is necessary to just bring the interface up before the Debian configures it for you. Something like:

In my case I omit the auto mac0 line and bound it to real interface up and down. So my actual config looks like (I enhanced enp1s0 definition by post-up and pre-down scripts to handle additional mac0 interface):

I was able to share the main network interface with Docker. I used the following configuration:

This uses randomly generated MAC address for mac0 interface, so if you want to have a fixed one, just add hwaddress aa:bb:cc:dd:ee:ff to the mac0 interface parameters. You can configure the mac0 interface as usual, no need to have it static (see man interfaces).

I had to restart the system to get this working (/etc/init.d/networking restart was not enough).

And in Docker Compose (all IP addresses are just examples), use:

Thanks for all the comments in this thread. It is the solution for me with a LAN of 172.16.0.0/16 and a docker macvlan subnet of 172.16.100.0/24. Both other machines on the network and the host are able to access the services in this macvlan network.

On one machine I'm using a Debian style /etc/network/interfaces setup like @oldium (except I don't set the gateway as I don't want this to be a default route on the host).

On another machine I'm using the systemd-networkd style setup like this:

/etc/systemd/network/20-wired.network
/etc/systemd/network/40-br-macvlan.netdev
/etc/systemd/network/40-br-macvlan.network
Cheers!