0

I would like to know how can I make a docker container accessible outside its own network.

example : docker container have a dedicated ip 172.16.0.240 , the mac0 adress is 172.16.0.40 and the host address is 172.16.0.20

I can access 172.16.0.240 from all devices connected on 172.16.0.0/24

now i want to access it from 172.16.50.0/24.

Right now 172.16.50.0/24 has no issue accessing everything on 172.16.0.0/24 except those using the macvlan ip.

Thanks.

Roshin Raphel
  • 2,612
  • 4
  • 22
  • 40
guillaume
  • 321
  • 1
  • 4
  • 18
  • In typical use you ignore the Docker-internal IP addresses, and instead [publish ports](https://docs.docker.com/config/containers/container-networking/#published-ports) that can be reached via the host's IP address. Is there a specific reason you need an externally-accessible IP address per container? (Do you otherwise assign an IP address per process?) – David Maze Sep 06 '20 at 19:15
  • Actually yeah, its because the app must be fully discoverable on the local network for automations device like hue / smartthings etc, the app has a docker internal ip too but its another segment 172.18.x.x, but no mapping host port – guillaume Sep 06 '20 at 20:09

1 Answers1

0

Mapping ports to the docker host is my recommendation. macvlan has not been very stable in our tests. There are even concerns in docker networking documentation about it https://docs.docker.com/network/macvlan/

If it is really necessary to use macvlan, then try an inbound NAT port forward on pfsense from the 50 LAN to the 0 LAN. Do this for all the ports you need access to.

sharifm
  • 1
  • 2