macvlan driver doesn't work in MacOS

[ajoldham]

Continuation of : https://github.com/docker/for-mac/issues/3447 as it was auto-closed. This isn't fixed in the latest Docker Edge 19.03.2 with MacOS 10.14.6.

---

$ ifconfig en9 en9: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500 options=4 ether 58:ef:68:7d:06:05 inet6 fe80::1028:71b1:5694:b4bf%en9 prefixlen 64 secured scopeid 0x12 inet 10.42.34.91 netmask 0xfffffc00 broadcast 10.42.35.255 nd6 options=201<PERFORMNUD,DAD> media: autoselect (1000baseT ) status: active $ docker network create -d macvlan --subnet=10.42.32.0/22 --gateway=10.42.32.1 -o parent=en9 pub_net Error response from daemon: invalid subinterface vlan name en9, example formatting is eth0.10

[neuraload]

+1

[neuraload]

+1

[neuraload]

+1

[benknight135]

+1

[yqchilde]

+1

[cracyfloyd]

+1

[almdandi]

+1

[coraxster]

+1

[cracyfloyd]

+1 Please please please

[kingozorg]

Why is it so hard to solve this? Anyone knows what to do now?

[maxlim33]

+1

[touy]

I think there is no hope, just go back and use VM Virtualbox or something else...

[touy]

Mine issue : docker-compose

version: "3.7"

services: eservice: image: node:16 container_name: eservice ports:

• 22222:80 restart: always networks: vlan30: ipv4_address: 172.16.4.2

IOT_LAN.

networks: vlan30: driver: ipvlan driver_opts: parent: eth1.30 ipam: config:

• subnet: 172.16.4.0/16

failed to create network etlservice_vlan30: Error response from daemon: -o parent interface was not found on the host: eth1

[Shogobg]

+1

[yairtabib]

+1

[christophermclellan]

Hi all - we'll investigate this in our next sprint, commencing Monday 15-August. I'll post back here with an update shortly.

[vschwaberow]

+1

[toddbu]

Just to add another use case, I'm trying to put a public interface on a Docker container using Vagrant. The important bits of the Vagrantfile look like this...

  config.vm.define "default",primary: true do |master|
    config.vm.network "public_network"
  end

When Vagrant attempts to create this interface it issues the following command...

docker network create vagrant_network_public_en0 --opt parent=en0 --subnet 10.0.0.0/24 --driver macvlan --gateway 10.0.0.1 --ip-range 10.0.0.0/24

The response back from Docker is this...

Error response from daemon: invalid subinterface vlan name en0, example formatting is eth0.10

When I try to set the parent to en0.0, I get this...

$ docker network create vagrant_network_public_en0 --opt parent=en0.0 --subnet 10.0.0.0/24 --driver macvlan --gateway 10.0.0.1 --ip-range 10.0.0.0/24
Error response from daemon: -o parent interface does was not found on the host: en0

But that interface exists on my Mac...

$ ifconfig
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=6463<RXCSUM,TXCSUM,TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
    ether 1c:57:dc:34:95:30
    inet6 fe80::182c:5997:9104:b977%en0 prefixlen 64 secured scopeid 0xb
    inet 10.0.0.30 netmask 0xffffff00 broadcast 10.0.0.255
    nd6 options=201<PERFORMNUD,DAD>
    media: autoselect
    status: active

Thanks much for looking into this 👍

[kisa77]

+1 wait for update

[paulm17]

So what happened to the "sprint" ? Did anyone solve this by moving to podman or another docker alternative? I really don't want to use a linux box since I have a mac that works just fine... 🤔

[mminks]

Your keyboard seems to be broken as well @mephmanx. Fix it for the community and make everyone happy.

[touy]

All guys, react and ask respectfully, please.

[mandroid19]

Problem still exists..

[TechJedi51]

A workaround would also be welcome....

[abrylka]

Could I just rename the existing interface, e.g. en0 to eth0?

[vschwaberow]

Could I just rename the existing interface, e.g. en0 to eth0?

Not working.

[jeffypooo]

Please fix this!

[MarsWangyang]

Waiting for update

[carlnc]

Docker Desktop (ie: Docker on MacOS) runs inside a virtual machine.

The reason that "eth0" works (and doesn't) is because, inside that VM, there is an eth0.

The docker command is the "docker client" for sending commands to the docker daemon/containerd inside the linux virtual machine. (ie: nothing runs locally)

You can have a look around inside the VM by running

socat -d -d ~/Library/Containers/com.docker.docker/Data/debug-shell.sock pty,rawer &

(Note the line PTY is /dev/ttysXXX)

followed by

screen /dev/ttysXXX

To get basic things like --mount type=bind to work takes magic, and I'm sure networking is 10 times harder than that.

[quico637]

I want to run a RMI java server inside a container, but can't access it from outside. This is because DNAT rules from docker are not matching with low level bind function used inside RMI technology. I tried mtacvlan in macOS in eth0 and I have the same problem as you guys.

[srgg]

Any chance of getting this fixed? Please...

[michaelprescott]

It's been years. I still follow the issue hoping that they'll eventually fix it because I do use docker a lot now, but I think at this point, we can concede that fixing it isn't a priority. I think you could get a NUC or similar low power PC and run linux on it, where it does work properly, but at least my needs, the Mac mini's are the best cost to performance ratio. So, I still resort to creating a lightweight VMware VM when I need this capability.

[srgg]

@michaelprescott, with all respect to the docker team, I've bought several books and will learn k8ts on holiday. Also going to try minikube hope it helps https://stackoverflow.com/questions/42268814/routing-an-internal-kubernetes-ip-address-to-the-host-system

[shivaperumalsamy]

Following..! is anyone working on it?

[toddbu]

I've been doing all of my development work in a Docker container since 2017 (and using Docker since 2015). I find this eliminates a lot of issues that crop up when building on one platform and deploying on another. In the past, I ran Docker in a VirtualBox VM with no issues. When I replaced my MacBook with an ARM processor (M2) this past summer, I had to find a new solution since VirtualBox does not and likely will not support ARM. I tried UTM for virtualization but it was not yet ready for prime time. Parallels was not an option due to expense (subscription model). So I loaded up Docker Desktop (DD). It was easy-to-use and met some of my most basic needs. I used it until today when I finally gave up and switched back to regular VMs. There are two issues that keep DD from playing in the league of the big boys...

1. This issue - because DD doesn't allow me to map NAT ports on-the-fly like VirtualBox, I need to have a dedicated IP accessible from my Mac (and preferably wifi network) so that I can use whatever ports I want with the underlying VM. Combining the age of this issue with the lack of progress and communication on status then I can only assume that it will be a long time before this is fixed, if ever

2. Lack of control over the DD host - yup, with some work you can get to the QEMU host but there is not a lot that you can do from there. Because I'm doing all of my development work in a dedicated dev container then it's great to have the Docker CLI installed in the container and then map /var/run/docker.sock from the host to the container. Additionally you just need to chmod 777 /var/run/docker/sock so that it's accessible from the container. I couldn't figure out how to do an equivalent in DD after about an hour of investigation. The Linux distro that DD runs is set up weird (at least for a Debian guy) so I didn't want to spend the time jumping through hoops

I get that DD is supposed to be easy-to-use and I'll agree that it is. It's just incomplete for my needs. Since I made my earlier post UTM has come out with version 4 and it is spectacular! So I'm moving back to managing my own VMs so that I get everything that I want and need

[supremesyntax]

i did not read all the comments, just wanted to add that this issue is also affecting linux/ubuntu when installed in a vm. naming scheme is ens{...} in my case. i can rename the adapter(s) with udev rules to fit the assumption of docker that every adapter name is starting with eth but this is very inconvenient

[jeremyolsen]

@supremesyntax - did renaming the adapters work for you? Are you able to communicate with other containers on different hosts now? This would be a welcome workaround if so.

[ay18]

can confirm it's still broken

[iTim314]

Still broken.

# docker network create --driver macvlan --subnet 10.29.0.0/24 --gateway 10.29.0.1 -o parent=en0 vnet-docker

Error response from daemon: invalid subinterface vlan name en0, example formatting is eth0.10

[jeremyolsen]

I have a workaround for this. It's not a good solution, but importantly, it works.

I create a VM using vagrant and then installed the docker add-on inside the Ubuntu VM. The VM must be in bridged mode, and then I'm able to create the docker macvlan network inside the VM. This allows me to setup a container development environment using VSCode. I could just create my environment directly in the VM and skip using docker, but this doesn't allow me to switch OS's when testing, etc. Performance seems OK, so I'll stick with it for now.

[dontcrash]

+1 on this, so many things are broken on Docker for macOS wow

[expresspotato]

Same problem with the ipvlan type on Mac OS... Really frustrated with the team at Docker lately. Honestly let's prioritize bs features like Docker Scout when networking hasn't worked and is utterly broken past basic expose / publish ports, and this ticket was opened 4 years ago.

[johnelliott]

+1, I am surprised and disappointed this is broken on MacOS.

[emailyc]

Recently needed a solution for this and can't believe it's still broken.

[danericp]

I have to transfer to virtual machines just because this isn't working..

[JeelPatel2000]

+1, still broken, hoping that it gets fixed soon 🙏

[Riad00]

+1, same issue.

[Bergruebe]

I having the same problem with Docker Desktop 4.15.0 on macOS 10.15.7 (Catalina).

[dontcrash]

Ended up switching to a VM running on macOS with 802.1Q to get this functionality

[miamilabs]

Glad i am not the only one... same issue here...