> That scheme in my case would not work. I have two interfaces inside the 
> container, and each one talks to a different network, for business reasons. I 
> use policy-based-routing to make sure that packets go to the right places. I 
> need that the container can hold a full configuration. In my case, I use 
> ifupdown, not netplan, since my containers are for an older version of Debian.
> It is "not right" that ipvlan does not work out-of-the-box like macvlan or 
> veth. Somebody has to fix it. I cannot use macvlan because Vmware only allows 
> multiple macs if the entire network is set in promiscuous mode, and that 
> kills performance. So basically the only workaround is ipvlan. As I said, if 
> you use type=phys and ipvlan inside the host, it works fine, without altering 
> the container.

Apparently this also works, as long as you have the same ip in
container config and inside the container

Container config:
# Network configuration
lxc.net.0.name = eth0
lxc.net.0.type = ipvlan
lxc.net.0.ipvlan.mode = l3s
lxc.net.0.l2proxy = 1
lxc.net.0.link = eth0
lxc.net.0.ipv4.address =

inside the container -> normal networking config (e.g. /etc/netplan/10-lxc.yaml)
  version: 2
      dhcp4: no
      addresses: []
        addresses: []

