So, check this little idea that I have - I want to browse the internet without all sorts of unscrupulous actors collecting every little bit of metadata on me and my family they can possibly get their hands on.
If your using docker and the ports are bound you can just use the network mode host so the container gets it’s own ip. It’s how I have adguard running on my unraid server
That’s not how that works. network_mode: host shares the network namespace with the container host, so it doesn’t do any NAT, it only exists on the host’s IP. It would be akin to running a natively installed app, rather than in a container. macvlan networking is what gives a container its own IP on the logical network, without the layer of NAT that the default bridge mode networking that docker typically does.
If your using docker and the ports are bound you can just use the network mode host so the container gets it’s own ip. It’s how I have adguard running on my unraid server
That’s not how that works.
network_mode: hostshares the network namespace with the container host, so it doesn’t do any NAT, it only exists on the host’s IP. It would be akin to running a natively installed app, rather than in a container.macvlannetworking is what gives a container its own IP on the logical network, without the layer of NAT that the defaultbridgemode networking that docker typically does.Thanks, PoopMonster, that’s a good tip!