The exact way the kernel-level macvlan code will behave is pretty NIC dependent.
In most cases, all it does is update the MAC table in the NIC to listen for additional MACs, then forward frames headed to those MACs directly into the virtual macvlan interface.
That effectively saves you from having to use PROMISCUOUS mode on the NIC, so long as you don’t exceed the MAC table size.
Because of where it hooks into the kernel, though, macvlan devices cannot talk to anything that’s bound on the parent device. This tends to be the most annoying limitation of it.
As for what LXC/LXD is doing in your case, I’m a bit confused as to your exact setup.
If you’re using LXD, can you post:
- lxc network list
- lxc config show --expanded NAME (for your two containers)
That should help me understand your actual setup.