linux docker raspberry-pi3 macvlan raspbian-buster

Docker MACVLAN only works Outbound


I'm trying to set up a MACVLAN for my Docker containers. I have a fresh Raspbian and Docker installation and followed the steps outlined in the Docker documentation to create a MACVLAN: https://docs.docker.com/network/network-tutorial-macvlan.

The Network looks as follows:

[
    {
        "Name": "pub_net",
        "Id": "782c49f79f549b11f04a6df98b8b2cbf52deef072e036306231309e44a1c9f3a",
        "Created": "2020-02-25T14:44:12.105402396+01:00",
        "Scope": "local",
        "Driver": "macvlan",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "192.168.178.0/24",
                    "Gateway": "192.168.178.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "682a47a60a5478d19b8c6fc923e11c949f70c5c07fe4dc8d94a772524c2820a1": {
                "Name": "IoBroker",
                "EndpointID": "5e7068dd9330792a91e1f1f023bd052d91d1fa93f50a2eb670ef8be81b61587f",
                "MacAddress": "02:42:c0:a8:b2:02",
                "IPv4Address": "192.168.178.2/24",
                "IPv6Address": ""
            }
        },
        "Options": {
            "parent": "eth0"
        },
        "Labels": {}
    }
]

Let's say I have an Alpine container attached to that network. From inside the container, I can access the internet and everything on my network just fine. However, I can't access any container inside the MACVLAN from outside. I know this usually does not work from the host, but I'm not trying to access the container from the host, but from another machine on my network. The IP of the container is not reachable from the outside.

If I follow the steps to allow the host to access the containers on the MACVLAN (create another MACVLAN and add routing table entry), I can access the containers from the host, but still not from the outside.

Maybe this is more of a Linux networking issue than a Docker one?

Docker Version: 19.03.6
OS: Raspbian Buster 10, Kernel Version 4.19.97-v7+

Any ideas would be appreciated.


Solution

  • Seems like this is an ARP issue in the Linux kernel version used in Raspbian. After updating the kernel via sudo rpi-update, it now works for me.
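
A way to check for the symptom discussed above, as an added example that is not part of the original question or answer: run from another machine on the LAN, it compares that machine's neighbour (ARP) table against the container MAC addresses reported by docker network inspect. The function names and the neighbour-table samples are constructed for illustration; the network and container values are the ones shown in the question.

```python
import json

# Constructed sample: trimmed `docker network inspect pub_net` output,
# using the network and container values shown in the question.
INSPECT_JSON = """[{"Name": "pub_net", "Driver": "macvlan",
  "Options": {"parent": "eth0"},
  "Containers": {"682a47a60a54": {"Name": "IoBroker",
    "MacAddress": "02:42:c0:a8:b2:02", "IPv4Address": "192.168.178.2/24"}}}]"""

# Constructed `ip neigh show` output from another LAN machine (not from the page).
NEIGH_UNRESOLVED = "192.168.178.2 dev eth0  FAILED\n"
NEIGH_RESOLVED = "192.168.178.2 dev eth0 lladdr 02:42:c0:a8:b2:02 REACHABLE\n"


def parse_neigh(text):
    """Map IP -> (lladdr or None, state) from `ip neigh show` output."""
    table = {}
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        mac = fields[fields.index("lladdr") + 1].lower() if "lladdr" in fields else None
        table[fields[0]] = (mac, fields[-1])
    return table


def check_macvlan_arp(inspect_json, neigh_text):
    """Return {container name: (ip, verdict, neighbour state)} for macvlan networks."""
    neigh = parse_neigh(neigh_text)
    results = {}
    for net in json.loads(inspect_json):
        if net.get("Driver") != "macvlan":
            continue
        for info in net.get("Containers", {}).values():
            ip = info["IPv4Address"].split("/")[0]
            mac, state = neigh.get(ip, (None, "MISSING"))
            if mac is None:
                verdict = "unresolved"  # no ARP reply reached this machine
            elif mac != info["MacAddress"].lower():
                verdict = "wrong-mac"   # another interface answered for this IP
            else:
                verdict = "ok"
            results[info["Name"]] = (ip, verdict, state)
    return results


if __name__ == "__main__":
    for sample in (NEIGH_UNRESOLVED, NEIGH_RESOLVED):
        print(check_macvlan_arp(INSPECT_JSON, sample))
```

Ping the container IP from the remote machine first so a neighbour entry exists, then pass in the real ip neigh show and docker network inspect output.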