Is true Layer 2 access possible with docker container?

networking docker

All the container networking examples I saw seems to provide container a L3 network which means it is on a separate L2 network from host. Bridge interface also seems to for L2 network between containers only.

Is it possible to launch a docker container such that it has full Layer 2 access. For example, to run tcpdump within the container to capture packet of a specific host interface?


Solution 1:

Sure. Launch a container with --network host and it’ll not get its own network namespace. This has massive security implications.

Related

Samba wake server from sleep?
Hashfails and corrupted downloads when retrieving files directly via ISP connection but things clear up when using a VPN
Wireshark does not open URLs in GET requests anymore
Would that be a bug? Immediate closing of the current cmd window when executing: move nul 2>&0
Manually start screensaver with password protect
Microsoft Word is adding extra space between words as I type
I can't install SP1 on Windows 7
How can I correctly install visual studio code on CentOS 7?
Keyboard sending completely different scan codes
How to find IP address in WinDbg Windows Kernel Debugging
Dual boot Ubuntu doesn't boot with error "cannot find TOCBLOCK, database maybe corrupt."
Nexus 7 3G [2012] problem with ubuntu touch