How to connect to MACVLAN LXCs from host?

I have a bunch of containers getting IPs via DHCP over MACVLAN and everything works great, but I can’t access them from the host. @Simos’ excellent and extraordinarily useful blog says this is possible, but the page he links is from 2012 and doesn’t work with netplan and the new “ip” command.

Does anyone have a clear-cut, easy-to-follow tutorial to do this in Ubuntu 18.04? My Google-fu has failed me there, even though it seems like this would be a pretty common question! I tried adding a second IP to my host interface via ip addr add and then setting static routes over it, but this did not work.

Network config:

config: {}
description: ""
name: eno1
type: physical
- /1.0/containers/plex
managed: false
status: ""
locations: []

Container config:

architecture: x86_64
  boot.autostart: "true"
  image.architecture: amd64
  image.description: ubuntu 18.04 LTS amd64 (release) (20180724)
  image.label: release
  image.os: ubuntu
  image.release: bionic
  image.serial: "20180724"
  image.version: "18.04"
  raw.lxc: lxc.cgroup.devices.allow=a
  security.privileged: "true"
  volatile.base_image: 38219778c2cf02521f34f950580ce3af0e4b61fbaf2b4411a7a6c4f0736071f9
  volatile.eth0.hwaddr: 00:16:3e:42:e5:dd
  volatile.idmap.base: "0" '[]'
  volatile.last_state.idmap: '[]'
  volatile.last_state.power: RUNNING
    path: /nas
    source: /media/Nastassia
    type: disk
ephemeral: false
- default
stateful: false
description: ""

And profile:

  environment.TZ: America/New_York
description: Default LXD profile
    name: eth0
    nictype: macvlan
    parent: eno1
    type: nic
    path: /
    pool: zfspool
    type: disk
name: default
- /1.0/containers/plex

No very easy way with macvlan. Basically the issue is that the design of macvlan doesn’t allow for traffic between the parent device (eno1) and any of the macvlan slave devices (the containers).

The usual workaround for this is to effectively unconfigure any IP you have on eno1 itself, then create yet another macvlan device (through ip link or your distro’s network management solution) and set your IP addresses and routes on that device instead.

With that, your host and containers will effectively all be at the same level and will be able to communicate with each other and with the outside.

Yeah, was hoping for a walkthrough on how to do that.
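The workaround described in the answer above, written out as an added example that is not part of the thread or of LXD's own documentation. Only `eno1` comes from the thread; the shim name `mvl-host`, the static address `192.0.2.10/24` and the gateway `192.0.2.1` are assumed placeholder values. The script only prints the commands, and it validates its arguments because the output is meant to be reviewed and then run as root.

```shell
#!/bin/sh
# Added example (not from the thread): print the ip(8) commands that move the
# host's address from the parent NIC to a host-side macvlan.
# Assumed values: shim name mvl-host, 192.0.2.10/24, gateway 192.0.2.1.

# Accept 1-15 chars from a conservative set so the printed plan can be piped
# to a root shell without carrying shell metacharacters.
valid_ifname() {
    case $1 in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# IPv4 shape check only (ip(8) still rejects out-of-range octets).
# With "cidr" as $2, a /0-32 prefix is required.
valid_ipv4() {
    addr=$1
    if [ "$2" = cidr ]; then
        case $addr in */*) ;; *) return 1 ;; esac
        prefix=${addr#*/}; addr=${addr%%/*}
        case $prefix in ''|*[!0-9]*) return 1 ;; esac
        [ "$prefix" -le 32 ] || return 1
    fi
    printf '%s\n' "$addr" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

# shim_plan PARENT SHIM ADDR/PREFIX GATEWAY: prints commands, runs nothing.
shim_plan() {
    parent=$1 shim=$2 cidr=$3 gw=$4
    valid_ifname "$parent" && valid_ifname "$shim" || return 2
    [ "$parent" != "$shim" ] || return 2
    valid_ipv4 "$cidr" cidr && valid_ipv4 "$gw" || return 2
    # mode bridge lets macvlan devices on the same parent talk to each other;
    # the flush removes every address (IPv4 and IPv6) from the parent.
    cat <<EOF
ip link add link $parent name $shim type macvlan mode bridge
ip link set $shim up
ip addr flush dev $parent
ip addr add $cidr dev $shim
ip route replace default via $gw dev $shim
EOF
}

# Print the plan for the thread's parent NIC (eno1).
shim_plan eno1 mvl-host 192.0.2.10/24 192.0.2.1
```

Review the printed plan, then pipe it to `sudo sh` from a local console, since the host is unreachable through `eno1` between the flush and the final route command. The commands do not persist across a reboot, and a host that gets its address over DHCP would run its DHCP client on the shim in place of the static `ip addr add` line.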