meta data for this page
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
| linux:docker [2019/03/26 09:54] – [Linux Kernel drivers] niziak | linux:docker [2019/03/28 12:30] – [Linux Kernel drivers] niziak | ||
|---|---|---|---|
| Line 136: | Line 136: | ||
| * Many NICs have a limit on the number of MAC addresses they support in hardware. Exceeding the limit may affect the performance. | * Many NICs have a limit on the number of MAC addresses they support in hardware. Exceeding the limit may affect the performance. | ||
| * IEEE 802.11 doesn’t like multiple MAC addresses on a single client. It is likely macvlan sub-interfaces will be blocked by your wireless interface driver, AP or both | * IEEE 802.11 doesn’t like multiple MAC addresses on a single client. It is likely macvlan sub-interfaces will be blocked by your wireless interface driver, AP or both | ||
| + | * **Note**: Linux Macvlan interface types are not able to ping or communicate with the default namespace IP address. For example, if you create a container and try to ping the Docker host's eth0 it will not work. That traffic is explicitly filtered by the kernel to offer additional provider isolation and security. This is a common gotcha when a user first uses those Linux interface types since it is natural to ping local addresses when testing. | ||
| + | |||
| * **ipvlan** - [[https:// | * **ipvlan** - [[https:// | ||
| * **L2** - bridge mode (requires external router if endpoints are in different networks) | * **L2** - bridge mode (requires external router if endpoints are in different networks) | ||
| Line 144: | Line 146: | ||
| * Shared MAC address can affect DHCP operations. If your VMs or containers use DHCP to acquire network settings, make sure they use unique ClientID in the DHCP request and ensure your DHCP server assigns IP addresses based on ClientID, not client’s MAC address. | * Shared MAC address can affect DHCP operations. If your VMs or containers use DHCP to acquire network settings, make sure they use unique ClientID in the DHCP request and ensure your DHCP server assigns IP addresses based on ClientID, not client’s MAC address. | ||
| * Autoconfigured EUI-64 IPv6 addresses are based on MAC address. All VMs or containers sharing the same parent interface will auto-generate the same IPv6 address. Ensure that your VMs or containers use static IPv6 addresses or IPv6 privacy addresses and disable SLAAC. | * Autoconfigured EUI-64 IPv6 addresses are based on MAC address. All VMs or containers sharing the same parent interface will auto-generate the same IPv6 address. Ensure that your VMs or containers use static IPv6 addresses or IPv6 privacy addresses and disable SLAAC. | ||
| + | |||
| + | ==== macvlan details ==== | ||
| + | |||
| + | [[https:// | ||
| + | Macvlan modes: | ||
| + | * private - frames are sent into cable. But even if exernal switch forwards packets back according to mac address, packet will be dropped. | ||
| + | * VEPA - alla frames are sent int cable. External switch has to forward it back to provide communication between maclvan interfaces. | ||
| + | * IEEE 802.1Qbg aka Virtual Ethernet Port Aggregator physical switch | ||
| + | * Bridge - all macvlan interfaces bridged internally. Traffic between macvlans are forwarded locally. Broadcast packets are formwared locally and into the cable. But if external switch reflects packets, packets are filtered to prevent duplicates. | ||
| + | * **passtrhru** - assign real physical interface for single VM (and gives full controll to interface) | ||
| + | |||
| Line 172: | Line 185: | ||
| name: real_lan | name: real_lan | ||
| </ | </ | ||
| + | |||
| + | or | ||
| + | <code bash> | ||
| ====== data persistence in swarm ====== | ====== data persistence in swarm ====== | ||