So, check this little idea that I have - I want to browse the internet without all sorts of unscrupulous actors collecting every little bit of metadata on me and my family they can possibly get their hands on.
If your using docker and the ports are bound you can just use the network mode host so the container gets it’s own ip. It’s how I have adguard running on my unraid server
That’s not how that works. network_mode: host shares the network namespace with the container host, so it doesn’t do any NAT, it only exists on the host’s IP. It would be akin to running a natively installed app, rather than in a container. macvlan networking is what gives a container its own IP on the logical network, without the layer of NAT that the default bridge mode networking that docker typically does.
Thanks for the clarification I had mixed up the details and went to check my containers. You sir are correct. I added some documentation to my post regarding macvlan network creation.
If your using docker and the ports are bound you can just use the network mode host so the container gets it’s own ip. It’s how I have adguard running on my unraid server
edit: Sorry I mixed up the details as @starkzarn@infosec.pub pointed out. It’s a macvlan configuration. My intention was to point out it’s possible. Here’s some documentation https://docs.docker.com/engine/network/drivers/macvlan/
That’s not how that works.
network_mode: hostshares the network namespace with the container host, so it doesn’t do any NAT, it only exists on the host’s IP. It would be akin to running a natively installed app, rather than in a container.macvlannetworking is what gives a container its own IP on the logical network, without the layer of NAT that the defaultbridgemode networking that docker typically does.Thanks for the clarification I had mixed up the details and went to check my containers. You sir are correct. I added some documentation to my post regarding macvlan network creation.
Thanks, PoopMonster, that’s a good tip!