Search

A macvlan network tells Docker to give a container its own virtual MAC address and bind it directly to a physical (or virtual) network interface on the host. From your router and switch’s perspective, the container looks like a separate device plugged into the network. This is different from the default Docker bridge networking, where containers share the host’s IP and use NAT to talk to the outside world. With macvlan, there’s no NAT, no port mapping, and no proxy — the container gets a real IP on your subnet. That makes it ideal for: Wake-on-LAN tools that need to send magic packets on a spe

With bridge networking, containers share the host’s IP and use NAT to reach the outside world. With macvlan, each container gets its own IP directly on your physical network — no NAT, no port forwarding. Macvlan behaves more like adding a new device to your network, while bridge networking behaves more like a software router sitting between the container and your LAN.

Yes. Once the macvlan network is created, you can attach as many containers as you want to it — each gets its own static IP on the VLAN subnet. Just make sure each IP is unique and outside your DHCP pool.

Ports 53, 80, and 443 are commonly used by other Synology packages, which means Pi-hole can’t bind to them on the default bridge network without conflicts. A macvlan network gives Pi-hole its own dedicated IP address on your LAN, so it gets exclusive access to those ports.