I would like to install a DHCP server in a container to provide the devices (some Raspberry Pis and network switches) connected to the host system with IP addresses.
I start the container with the "--net=host" flag in order to listen for broadcast traffic. It is working as expected. All devices get their IP address from the DHCP server.
However, the "--net=host" option represents an increased security risk. Do you know if there is a better option to achieve the same? I could install both Docker and Podman on my system.
If there is no other option, how could I restrict the visibility of the network from the container so that it can only see the specific network interface where all devices are connected?