While building a microservice stack on a single RHEL server with Podman, the security team gives you these networking requirements:
Containers must communicate with one another on an isolated private subnet that exists only on the host.
Services should discover each other by container name without hard-coding IP addresses.
The upstream switch may not see any new MAC addresses, and external clients must reach the application only through host ports you explicitly publish with the -p option.
Which built-in container network driver should you create to meet all of these requirements?
A user-defined bridge network is implemented as a software bridge inside the host. Each container receives a private IP address on that bridge, and the embedded DNS service lets containers resolve each other by name. Packets leaving the bridge are NATed through the host, so only ports you publish are reachable and no additional MAC addresses appear on the physical network. Host networking would put the containers directly on the host's stack with no isolation or port-mapping control, macvlan would assign every container its own MAC address on the LAN (violating the switch policy), and overlay is intended for multi-host communication rather than a single-host scenario.
CompTIA Linux+ XK0-006 (V8)
Services and User Management