containers/netavark

bridge doesn't work with DHCP

jimparis opened this issue · 1 comments

jimparis commented

With podman version 4.7.2, netavark version 1.8.0:

macvlan driver works with DHCP:

# podman network create --disable-dns --driver macvlan --interface-name brint --ipam-driver dhcp lan
lan
# podman run -it --rm --network=lan alpine ip addr show eth0
2: eth0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP qlen 1000
    link/ether 4e:81:42:14:17:be brd ff:ff:ff:ff:ff:ff
    inet 10.0.103.174/16 brd 10.0.255.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::4c81:42ff:fe14:17be/64 scope link tentative 
       valid_lft forever preferred_lft forever

(note assigned 10.0.103.174 address there)

But bridge does not:

# podman network rm lan
# podman network create --disable-dns --driver bridge --interface-name brint --ipam-driver dhcp lan
lan
# podman run -it --rm --network=lan alpine ip addr show eth0
2: eth0@if28: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP qlen 1000
    link/ether c6:9b:3d:ec:27:6c brd ff:ff:ff:ff:ff:ff
    inet6 fe80::c49b:3dff:feec:276c/64 scope link tentative 
       valid_lft forever preferred_lft forever

Is this configuration supportable?

(For my setup, I need bridge instead of macvlan so that the host can communicate with the container too. I can work around it with --cap-add NET_ADMIN,NET_RAW and running udhcpc inside the container, but would prefer to avoid that if possible.)

jimparis commented

Actually this seems straightforward to support: #869

# podman network rm lan
lan
# podman network create --disable-dns --driver bridge --interface-name brint --ipam-driver dhcp lan
lan
# podman run -it --rm --network=lan alpine ip addr show eth0
2: eth0@if34: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP qlen 1000
    link/ether d6:7e:53:56:2b:27 brd ff:ff:ff:ff:ff:ff
    inet 10.0.103.178/16 brd 10.0.255.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::d47e:53ff:fe56:2b27/64 scope link tentative 
       valid_lft forever preferred_lft forever