cd7240f6d9
We document that an macvlan network with no parent interface is equivalent to a '--internal' network. But, in this case, an macvlan network was still configured with a gateway. So, DNS proxying would be enabled in the internal resolver (and, if the host's resolver was on a localhost address, requests to external resolvers from the host's network namespace would succeed). This change disables configuration of a gateway for a macvlan Endpoint if no parent interface is specified. (Note if a parent interface with no external network is supplied as '-o parent=<dummy>', the gateway will still be set up. Documentation will need to be updated to note that '--internal' should be used to prevent DNS request forwarding in this case.) Signed-off-by: Rob Murray <rob.murray@docker.com> |
||
|---|---|---|
| .. | ||
| bridge | ||
| host | ||
| ipvlan | ||
| macvlan | ||
| null | ||
| overlay | ||
| remote | ||
| windows | ||