Traefik - 2 networks - bridge (LAN) and internal (docker network)


I have a question about networks and Traefik.

What I want to achieve: I would like to separate my Traefik container's LAN IP from the host LAN IP, so I can set firewall rules for the host and the Traefik container separately.

So my idea is to configure Traefik with a MACVLAN (bridge with LAN IP) and an internal Docker network to communicate with the containers.

In a short test I started the Traefik container with the internal network and used the Docker command "docker network connect macvlan traefik" to connect the container to the bridge (macvlan) network.

I found out that the default gateway of the Traefik container also changes to the bridge (macvlan) network, which would be exactly what I want. So Traefik can talk internally with the containers and, through the bridge network, to the LAN/WAN etc. In my first test it worked exactly how I wanted.

My question now: is there a better way to do this? Would I run into any known major problems?
Does anybody use this setup already?
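
The two-network layout described in this post, written as a Compose file. This is an added example, not part of the original post; the parent interface eth0, the 192.168.1.0/24 addresses, the image tags and the whoami backend are assumptions chosen for illustration.

```yaml
# Constructed example: every address, name and tag below is a placeholder.
services:
  traefik:
    image: traefik:v3                       # assumed tag
    command:
      - --providers.docker=true
      - --providers.docker.exposedbydefault=false
      - --providers.docker.network=backend  # reach backends over the internal network
      - --entrypoints.web.address=:80
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro   # read-only socket for the Docker provider
    networks:
      lan:
        ipv4_address: 192.168.1.50          # Traefik's own LAN IP; firewall rules target this address
      backend: {}
    # No "ports:" section: nothing is published on the host IP,
    # Traefik listens directly on its macvlan address.

  whoami:                                   # sample backend, attached to the internal network only
    image: traefik/whoami
    labels:
      - traefik.enable=true
      - traefik.http.routers.whoami.rule=Host(`whoami.example.lan`)
    networks:
      - backend

networks:
  lan:
    name: lan
    driver: macvlan
    driver_opts:
      parent: eth0                          # assumed host NIC on the LAN
    ipam:
      config:
        - subnet: 192.168.1.0/24
          gateway: 192.168.1.1
  backend:
    name: backend
    internal: true                          # no route out, so Traefik's default gateway is the macvlan one
```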