Libretech Journal

IPVLAN

All posts tagged IPVLAN by Libretech Journal
    Master Docker's Complex Networking

    The video emphasizes the importance of understanding Docker networking, highlighting its complexity and potential for increased control and isolation of containers.


    Seven Docker Network Types

    Docker offers seven distinct network types:
    1. Default bridge
    2. User-defined bridge
    3. Host
    4. MacVLAN
    5. IPVLAN (L2 and L3)
    6. Overlay
    7. None

    Each offers different levels of isolation, connectivity, and complexity.


    Default Bridge Network

    This default network is simple to use but lacks isolation. Containers share a virtual network, requiring manual port exposure for external access. It automatically creates virtual ethernet interfaces and handles DHCP.


    User-Defined Bridge Network

    A user-defined bridge is a custom network you create yourself, and it provides better isolation than the default bridge. Containers on different user-defined bridge networks cannot communicate unless specifically configured. It also offers container-to-container DNS resolution by name.


    Host Network

    Containers on the host network share the host's IP address and ports, eliminating the need for port exposure but sacrificing isolation. Suitable for applications requiring direct host access.


    MacVLAN Network

    Connects containers directly to the physical network, giving each container its own MAC and IP address.

    • Requires enabling promiscuous mode on the host and network interfaces.
    • Can cause conflicts with devices that don't support multiple MACs on a single port.
    • Offers direct access without port exposure but requires manual IP assignments to avoid DHCP conflicts.

    IPVLAN Network (L2)

    IPVLAN L2 is similar to MacVLAN but avoids MAC conflicts by sharing the host's MAC address with containers. It provides a balance between isolation and ease of network integration.


    IPVLAN Network (L3)

    IPVLAN L3 is a layer 3 network that turns the host into a router.

    • Containers are connected via IP addresses, eliminating broadcast traffic.
    • Requires static route configuration on the physical network router to enable communication with external networks.
    • Offers fine-grained control and isolation through routing configurations.

    Overlay Network

    Designed for multi-host environments like Docker Swarm or Kubernetes. Abstracts network complexity by providing a single logical network across multiple hosts.


    None Network

    Provides no networking capabilities, isolating containers completely from external access.
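
As an added example (not from the video or the original post), the sketch below maps trimmed `docker network inspect` and `docker inspect` JSON onto the network types listed above and reports which container attachments carry the isolation trade-offs the summary describes. The sample records, container names and network names are constructed for illustration.

```python
import json

# Constructed sample (not from the page): trimmed `docker network inspect` output.
NETWORKS = json.loads("""[
  {"Name": "bridge", "Driver": "bridge",  "Options": {}},
  {"Name": "host",   "Driver": "host",    "Options": {}},
  {"Name": "none",   "Driver": "null",    "Options": {}},
  {"Name": "appnet", "Driver": "bridge",  "Options": {}},
  {"Name": "lan",    "Driver": "macvlan", "Options": {"parent": "eth0"}},
  {"Name": "routed", "Driver": "ipvlan",
   "Options": {"parent": "eth0", "ipvlan_mode": "l3"}}
]""")
# Constructed sample: trimmed `docker inspect` output for five containers.
CONTAINERS = json.loads("""[
  {"Name": "/web",   "NetworkSettings": {"Networks": {"bridge": {}}}},
  {"Name": "/api",   "NetworkSettings": {"Networks": {"appnet": {}}}},
  {"Name": "/scan",  "NetworkSettings": {"Networks": {"host": {}}}},
  {"Name": "/cam",   "NetworkSettings": {"Networks": {"lan": {}}}},
  {"Name": "/batch", "NetworkSettings": {"Networks": {"none": {}}}}
]""")

# Review notes per network type, paraphrasing the summary above.
NOTES = {
    "default bridge": "shared default network, lacks isolation",
    "host": "shares the host's IP address and ports",
    "macvlan": "own MAC on the physical network; promiscuous mode, manual IPs",
    "ipvlan-l3": "reachable only via static routes on the physical router",
}

def classify(net):
    """Map one network record to the network type names used in the post."""
    driver, name = net["Driver"], net["Name"]
    if driver == "bridge":
        return "default bridge" if name == "bridge" else "user-defined bridge"
    if driver == "null":
        return "none"
    if driver == "ipvlan":  # Docker's ipvlan driver defaults to l2 mode
        return "ipvlan-" + (net.get("Options") or {}).get("ipvlan_mode", "l2")
    return driver  # host, macvlan, overlay

def audit(containers, networks):
    """Return (container, network, type, note) for attachments worth a review."""
    kinds = {n["Name"]: classify(n) for n in networks}
    rows = []
    for c in containers:
        for net in c["NetworkSettings"]["Networks"]:
            kind = kinds.get(net, "unknown")
            if kind in NOTES:
                rows.append((c["Name"].lstrip("/"), net, kind, NOTES[kind]))
    return rows
```

On a real host the two inputs would come from `docker network inspect $(docker network ls -q)` and `docker inspect $(docker ps -q)`.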

