Update section about host networking with ipvlan info

After being asked about how a single container could serve multiple VLANs by @Heinicke (Shinykey#4602 on Discord) I said I had no clue, so the same person then experimented some and came up with a solution involving the ipvlan network driver. To help other people in the future we should probably try to add this example, even though it does requre a lot of adaptions by other users to reflect their setup.
JonasAlfredsson · Oct 15, 2022 · 3331c8c · 3331c8c
1 parent 7a898e7
commit 3331c8c
Show file tree

Hide file tree

Showing 2 changed files with 88 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -106,12 +106,20 @@ in the command above. However, I would suggest you read the
 affects these services before trying anything else.
 
 #### Docker Network Mode
-When you want to run your DHCP server for real you will need to set the
-container to use the `host` network, else the requests and responses will not
-leave the Docker network. You *could* [fiddle][9] with a [macvlan][8] setup,
-but I would not bother. Furthermore, [IPv6 support][10] in Docker is a little
-bit [messy][11] right now so with that one your other choices are a bit limited
-either way.
+When you want to run your DHCP server for real you will need to make sure that
+the incoming [DHCP packages][22] can reach your service, and this will not
+happen in case you put the containers on a normal Docker network.
+
+For basic home use I would recommend just setting the container to use the
+[`host`][24] network, since this will be the absolute easiest way to get around
+most issues.  However, you *could* [fiddle][9] with a [macvlan][8] or an
+[ipvlan][23] ([example](./examples/multiple-vlans/docker-compose.yml)) setup in
+case you have more advanced needs, but unless you know you need this I would not
+bother.
+
+Additionally, [IPv6 support][10] in Docker is a little bit [messy][11] right
+now so if you want to deploy that your other choices are a bit limited either
+way.
 
 Setting the `host` network is done by adding
 
@@ -208,3 +216,6 @@ RUN ldconfig /usr/local/lib/kea/hooks  # <--- Alpine
 [19]: https://github.com/JonasAlfredsson/ansible-role-kea_dhcp
 [20]: https://kea.readthedocs.io/en/latest/arm/config.html
 [21]: https://kea.readthedocs.io/en/latest/arm/config.html#json-syntax
+[22]: https://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol#DHCP_message_types
+[23]: https://docs.docker.com/network/ipvlan/
+[24]: https://docs.docker.com/network/host/
diff --git a/examples/multiple-vlans/docker-compose.yml b/examples/multiple-vlans/docker-compose.yml
@@ -0,0 +1,71 @@
+# This docker-compose file was provided by @Heinicke in the official Discord
+# channel (Shinykey#4602), so all credit goes to them.
+# This is not a functional example since your VLAN environment and interface
+# names will probably be unique to you. Perform an `ip addr show` to see your
+# options, and then just modify this config like this:
+#
+# driver_opts:
+#    parent: <interface name>.<vlan number>
+#
+# In the current setup the parent network interface (enp5s0) has a single
+# connection to the switch which is a trunk with VLAN 10, 20, 30 and 40, all of
+# which will be correctly forwarded to the DHCP service.
+# The upstream switch will then only need to be set up to properly forward
+# the correct VLANs on this trunk.
+services:
+  dhcp4:
+    image: jonasal/kea-dhcp4:2
+    restart: unless-stopped
+    command: -c /kea/config/dhcp4.json
+    volumes:
+      - ./json-config:/kea/config
+      - sockets:/kea/sockets
+      - leases:/kea/leases
+      - ./logs:/kea/logs
+    networks:
+      vlan10:
+        ipv4_address: <ip>
+      vlan20:
+        ipv4_address: <ip>
+      vlan30:
+        ipv4_address: <ip>
+      vlan40:
+        ipv4_address: <ip>
+
+volumes:
+  sockets:
+  leases:
+
+networks:
+  vlan10:
+    driver: ipvlan
+    driver_opts:
+      parent: enp5s0.10
+    ipam:
+      config:
+        - subnet: <subnet>
+          gateway: <gateway>
+  vlan20:
+    driver: ipvlan
+    driver_opts:
+      parent: enp5s0.20
+    ipam:
+      config:
+        - subnet: <subnet>
+          gateway: <gateway>
+  vlan30:
+    driver: ipvlan
+    driver_opts:
+      parent: enp5s0.30
+    ipam:
+      config:
+        - subnet: <subnet>
+          gateway: <gateway>
+  vlan40:
+    driver: ipvlan
+    driver_opts:
+      parent: enp5s0.40
+    ipam:
+      config:
+        - subnet: <subnet>
+          gateway: <gateway>