Docker MACVLAN only works Outbound

问题

I'm trying to setup a MACVLAN for my docker containers. I have a fresh Raspbian and Docker installation and followed the steps outlined to the Docker Documentation to create a MACVLAN: https://docs.docker.com/network/network-tutorial-macvlan.

The Network looks as follows:

[
    {
        "Name": "pub_net",
        "Id": "782c49f79f549b11f04a6df98b8b2cbf52deef072e036306231309e44a1c9f3a",
        "Created": "2020-02-25T14:44:12.105402396+01:00",
        "Scope": "local",
        "Driver": "macvlan",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "192.168.178.0/24",
                    "Gateway": "192.168.178.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "682a47a60a5478d19b8c6fc923e11c949f70c5c07fe4dc8d94a772524c2820a1": {
                "Name": "IoBroker",
                "EndpointID": "5e7068dd9330792a91e1f1f023bd052d91d1fa93f50a2eb670ef8be81b61587f",
                "MacAddress": "02:42:c0:a8:b2:02",
                "IPv4Address": "192.168.178.2/24",
                "IPv6Address": ""
            }
        },
        "Options": {
            "parent": "eth0"
        },
        "Labels": {}
    }

Let's say i have an Alpine container attached to that network. From inside the container, I can access the internet and everything on my network just fine. I can't however access any container inside the MACVLAN from outside. I know this does usually not work from the host, but I'm not trying to access the container from the host, but from another machine on my network. The IP of the Container is not reachable form the outside.

If I follow the steps to allow the host to access the containers on the MACVLAN (create another MACVLAN and add routing table entry), I can access the containers from the host, but still not from the outside.

Maybe this is more of a Linux networking issue than a Docker one?

Docker Version: 19.03.6 OS: Raspbian Buster 10, Kernel Version 4.19.97-v7+

Does ideas would be appreciated.

回答1:

Seems like this is an ARP issue in the Linux Kernel version used in Raspbian. After Updating the Kernel via sudo rpi-update it now works for me.

回答2:

actually I have the same issue since Friday last week.

If I ping the host trying to access the docker container, from the inside of the container (your alpine container), I can access the container from the outside, till I restart the container itself.

I know this is not a solution but maybe helps to identify the issue.

Best Aviation

来源：https://stackoverflow.com/questions/60396696/docker-macvlan-only-works-outbound