I’m in the midst of a project that made to convert an existing VOIP legacy system into a dockerized form. The existing system consists of 5 different Linux machines, each machine is having 2 different network interfaces – one exposed to the public WAN, and the other is a private Lan network. I plan on creating a docker compose file for setting up the orchestration.
The network roughly looks like this:
Server #1 Eth0: IP 192.168.0.200/24 Eth1: IP X.X.X.65/27
Server #2 Eth0: IP 192.168.0.201/24 Eth1: IP X.X.X.66/27
Server #3 Eth0: IP 192.168.0.202/24 Eth1: IP X.X.X.87/27
Server #4 Eth0: IP 192.168.0.203/24 Eth1: IP Y.Y.Y.240/27
Server #5 Eth0: IP 192.168.0.204/24 Eth1: IP Y.Y.Y.241/27
Servers 1-3 are part of the same subnet, so are servers 4-5.
I am trying to find the best way to convert this network setup into docker networks, I want every container to preserve his public IP (the one on Eth1, meaning that traffic generated from the container will keep the same public IP it had on the original server), but also to be able to communicate with every other docker container on the same private net, while also keeping it easily managable and having the least overhead possible.
I’ve created 3 macvlan networks and 1 bridge network using docker-compose, but the problem is that DNS resolution provides every container with the IP address I gave it in the Macvlan network it belongs to, say 2 dockers were assigned to the bridge network and to the same Macvlan network, resolving each other container name will provide with their Macvlan address rather than the Bridge IP address. I would like to force communication between all containers over the BRIDGE network only (essentialy setting the Macvlan network into private mode). How can I acheieve that?
Source: Docker Questions