I have a few applications that I run in containers, and that need full network access. Mostly because they rely on broadcast and multicast for some of their functionality.
So currently I do something like this:
podman network create -d macvlan -o parent=eht0 --subnet 192.168.3.0/24 --gateway 192.168.3.1 lan
And then attach a pod to it:
podman run --network lan --ip 192.168.3.204 <other options>
This results in the application being visible on the network on its own IP, and being able to do multicast etc...
This however only works with rootfull containers, as macvlan does not work for rootless.
Is there however an way to do this rootless that I missed?