LXC Macvlan networking
Macvlan basically allows a single physical interface to be associated with multiple IPs and MAC addresses. Macvlan has 4 modes and offers various levels of isolation but we will mainly focus on bridge mode here. You can use macvlan in bridge mode to connect containers or VMs to the host network so they will be on the same layer 2 network as your host.
This is similar to using a direct host bridge but macvlan is supposed to be more efficient than using using a normal bridge. Also keep in mind with macvlan in bridge mode the containers can reach the network and each other but not the host.
Let's create a macvlan bridge on the host and bring it up.
ip link add mvlan0 link eth0 type macvlan mode bridge ifconfig mvlan0 up
Now you can connect multiple containers to the 'mvlan0' interface and they will get their IPs directly from the router connected to your host or you can assign them static IPs. The network section of the container config file will look like below.
lxc.network.type = macvlan lxc.network.macvlan.mode = bridge lxc.network.flags = up lxc.network.link = mvlan0 lxc.network.name = eth0 lxc.network.hwaddr = 00:16:3e:41:11:65 lxc.network.mtu = 1500
The macvlan mode may be useful for assigning public IPs with specific mac addresses to containers with providers like OVH who insist on this or to experiment with isolation. If you uncomment the 'lxc.network.macvlan.mode = bridge" the containers will be isolated and will not be able to reach other.
