How to replace default network interface with macvlan?

    • How to replace default network interface with macvlan?


      I've set up docker containers which use macvlan interfaces.These include pi-hole and a vpn server (softether). Everything works fine, except for one little thing: I can't reach the webinterface if I am connected from external via vpn. This is by design, because macvlan are isolated and can't communicate with it's parent device. But the different macvlan interfaces can communicate with each other. (I.e. the vpn-connection is filtered by pihole).

      I found a solution how docker containers with macvlan interfaces could communicate with OMV - theoretically. The idea is to replace the physical interface with a macvlan interface and let all communication run through it. To achive this, /etc/netwokrs/interfaces needs to be modified.

      Look here:…ommunicating_with/dqd16zx and here:
      Unfortunately I don't know how to put this in Openmediavault (I am also a bloody linux noob).

      OMV has control over the interfaces, so that they can't be edited directly (
      According to this post (Customize /etc/network/interfaces the OMV way [>= 1.11]) it is possible to add additional interfaces. But I'm not sure if it is possible to edit or override a existing interface....

      Anyway, I created a new file "my-macvlan" in /etc/network/interface.d/ with the following content (since I use dhcp and want a static mac address I had to modify the template):

      Source Code

      1. auto enp1s0
      2. allow-hotplug enp1s0
      3. iface enp1s0 inet manual
      4. auto macvlan0
      5. iface macvlan0 inet dhcp
      6. dns-nameservers
      7. dns-search
      8. pre-up ip link add macvlan0 link enp1s0 address: 6E:26:8F:C9:E3:C5 type macvlan mode bridge
      9. pre-down ethtool -s $IFACE wol g
      10. post-down ip link del macvlan0 link enp1so type macvlan mode bridge
      Display All

      I restartet OMV afterwards but nothing changed. My /etc/network/interface remainded unchanged:

      Source Code

      1. # Include additional interface stanzas.
      2. source-directory interfaces.d
      3. # The loopback network interface
      4. auto lo
      5. iface lo inet loopback
      6. # enp1s0 network interface
      7. auto enp1s0
      8. allow-hotplug enp1s0
      9. iface enp1s0 inet dhcp
      10. dns-nameservers
      11. dns-search
      12. pre-down ethtool -s $IFACE wol g
      13. iface enp1s0 inet6 manual
      14. pre-down ip -6 addr flush dev $IFACE
      Display All

      Where did I make a mistake? Can this even work?
    • I haven't given up yet!
      I think my configuration script above was wrong and couldn't work at all. In the help I found this example:

      I also made some progress with the macvlan topic. With the help of these hints:…-namespaces/400247#400247 (first method) I was able to access the host via vpn dial-in. I can now access the omv gui as well as smb shares from outside my lan. This is a temporay solution till next reboot, though.

      I'm not sure if this it a good solution in terms of performance and reliability. Creating two interfaces with the same ip seems a little bit "dirty" to me, but I'm no expert at all.
      The second solution (replace physical interface with macvlan completely) seems to be the "clean" way, but I haven't been brave enough to test this yet ;). I'm afraid that problems may occur later (e.g. updates) if I change the network configuration so substantially.

      What you do think?


      1. # enp1s0 is physical interface
      2. # host/omv:
      3. # vpn container:
      4. ip link add macvlan0 link enp1s0 type macvlan mode bridge
      5. ip addr add dev macvlan0 noprefixroute
      6. ip link set macvlan0 up
      7. ip route add dev macvlan0
    • Users Online 2

      2 Guests