Join Log in
Score:0
Hayk avatar Server

Cannot connect macvlan to the internet

cn flag
Hayk

When I tried to connect macvlan to the internet and it was not successful. I used namespace to accomplish that. I also checked the comments on this question - How to connect macvlan to the internet?

I have EC2 (Ubuntu 20.04) virtual machine of AWS, where I executed the following commands:

sudo ip netns add net1;
sudo ip link add macvlan1 link eth0 type macvlan mode bridge;
sudo ip link set macvlan1 netns net1;
sudo ip netns exec net1 ip address add 172.31.20.45 peer 172.31.16.1/32 dev macvlan1;
sudo ip netns exec net1 ip link set macvlan1 up; sudo ip netns exec net1 ip link set lo up;
sudo ip netns exec net1 ip route add default via 172.31.16.1;
sudo ip netns exec net1 su -c "screen";

Trying to ping DNS server of Google from the namespace (connect to the internet)

root@aws:/home/meliwex# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 172.31.20.45 icmp_seq=1 Destination Host Unreachable

Trying to ping the gateway

root@aws:/home/meliwex# ping 172.31.16.1
PING 172.31.16.1 (172.31.16.1) 56(84) bytes of data.
From 172.31.20.45 icmp_seq=1 Destination Host Unreachable

Output of ifconfig in the host (I keep the output simple):

docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 9001
        inet 172.31.20.45  netmask 255.255.240.0  broadcast 172.31.31.255
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0

The routing table of the host:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.31.16.1     0.0.0.0         UG    100    0        0 eth0
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
172.31.16.0     0.0.0.0         255.255.240.0   U     0      0        0 eth0
172.31.16.1     0.0.0.0         255.255.255.255 UH    100    0        0 eth0

Output of ifconfig in the namespace (I keep the output simple):

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
macvlan1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 9001
        inet 172.31.20.45  netmask 255.255.255.255  broadcast 0.0.0.0

The routing table of the namespace:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.31.16.1     0.0.0.0         UG    0      0        0 macvlan1
172.31.16.1     0.0.0.0         255.255.255.255 UH    0      0        0 macvlan1

So is it possible to fix this?

67
0 + 0
djdomi avatar
za flag
djdomi
what is the business related question or issue you are facing?
0
Reply
Hayk avatar
cn flag
Hayk
@djdomi I just wanted to test "macvlan" network driver in Docker, but when I tested I faced the problem that the container cannot connect to the internet.
0
Reply
djdomi avatar
za flag
djdomi
yoz did not answer the question i had
0
Reply
Hayk avatar
cn flag
Hayk
@djdomi the issue is that the container in "macvlan" network cannot connect to computers in my physical network (ping doesn't work) In the documentation of "macvlan" network driver (https://docs.docker.com/network/macvlan/) it says: you can use the macvlan network driver to assign a MAC address to each container’s virtual network interface, making it appear to be a physical network interface directly connected to the physical network. I just wanted to test whether I can mask my host's MAC by using Docker container in my physical network.
0
Reply
A.B avatar
cl flag
A.B
You should try the same test outside of AWS to validate it doesn't come from your system. It's quite possible the AWS environment restricts the use of MAC addresses.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.