I’m running Home Assistant using Docker Compose, and for security reasons, I prefer not to enable the network_mode: host option. However, I’ve encountered a problem where many integrations, such as Apple TV, don’t work because broadcast packets aren’t received in this setup.
From my research, it seems that the root cause is the lack of proper handling for mDNS broadcasts within this configuration. A possible solution I found is to set up an mDNS repeater to bridge this gap, but I’m not sure how to proceed with this.
Could anyone provide specific guidance or examples of how to set up an mDNS repeater in conjunction with Docker Compose? Alternatively, are there other secure solutions that would allow me to use these integrations without relying on network_mode: host?
To add some detail to the previous answer, macvlan gives the container its own virtual interface with its own MAC address, just as if it were a separate device on your network.
This setup worked fine on regular and Raspberry-flavored Debian 10/11, and is currently running on my Unraid server with only a couple of small tweaks.
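The macvlan approach described in the answer above, sketched as a Compose file. This is an added example, not the poster's own configuration: the interface name `eth0`, the subnet `192.168.1.0/24`, the gateway `192.168.1.1` and the address `192.168.1.50` are assumed values to replace with your own.

```yaml
# Added example (not from the thread). All addresses and the interface name
# below are assumptions; adjust them to your LAN.
services:
  homeassistant:
    image: ghcr.io/home-assistant/home-assistant:stable
    restart: unless-stopped
    # network_mode: host        # deliberately not used: the container would
    #                           # share the host's entire network stack
    volumes:
      - ./config:/config
    networks:
      lan:
        ipv4_address: 192.168.1.50   # static address outside the DHCP pool

networks:
  lan:
    driver: macvlan
    driver_opts:
      parent: eth0              # physical NIC attached to the LAN (assumed name)
    ipam:
      config:
        - subnet: 192.168.1.0/24
          gateway: 192.168.1.1
    # No "ports:" mapping is needed: the container is a LAN peer with its own
    # MAC and IP, so mDNS multicast on the LAN reaches it directly and the
    # web UI is reachable on the container's own address.
```

By default the Docker host cannot reach a macvlan container through the parent interface, so check the Home Assistant UI from another device on the LAN. Because the container is exposed to the LAN like any other device, restrict access to it with your network firewall rather than relying on Docker port publishing.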
I solved this by adding the below mDNS repeater config to my docker-compose. This method does require privileged mode for the repeater container, but maintains logical separation to the docker network as desired.