Regarding macvlan's with docker, I tried to use them in the past and while I liked the idea of having every container on it's own mac /ip address in the home network space, I couldn't get the host to communicate directly with them.
Everyone on the LAN could talk to my containers, except the host itself. IIRC there was/is some tricky part where you have to change the default route and create new iptables to make it work that way, but It seemed rather hacky and not secure at all.
Now that I'm a bit more experienced with docker and all, do you know if this is possible or still one of the downside of macvlan's?
Edit: reference. I see he updated his post in 2023, maybe worth a new shot !!