Promiscuous mode required for mac-vlan in VMWare?

I think that’s more of a VMWare question than an LXD question.

PROMISCUOUS mode usually means that all switch traffic is replicated to all members, effectively turning the switch into a hub. That’s obviously terrible for performance and likely explains what you noticed.

LXD containers don’t need the parent device to be in promiscuous mode, they’re not an IDS or similar software that does need a copy of all traffic.

But the reason you needed promiscuous mode to be enabled is that turning it on also allows the virtual machine to advertise multiple MACs on the network interface, which is necessary for containers to work (as each will have its own MAC address).

Now hopefully there is some setting in VMWare that lets you disable port security, allowing for multiple MACs on the same network interface without also requiring you to turn on full promiscuous mode.

If you can find that, then that’ll fix your problem. If that’s not possible, then you’re pretty much left with 3 options:

  • Promiscuous mode and its performance impact
  • Pass one network interface per container and use the physical nictype in LXD
  • Don’t use L2 networking; instead, route a subnet to each of your hosts and have each host provide DHCP for that subnet in LXD. Depending on the design of your network, this may be very difficult to do, though.
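Two small checks that go with the answer above, as an added example that is not part of the original post and not LXD's own tooling: the first reads the kernel's promiscuity counter for the parent NIC from `ip -d link` output (so you can confirm nothing on the host actually needs promiscuous mode), the second counts how many distinct MAC addresses the VM's vSwitch port must accept (the VM NIC's own MAC plus one per macvlan container), which is the number to have in hand when you look for the port-security setting. On ESXi the standard vSwitch security policy exposes "MAC address changes" and "Forged transmits" as toggles separate from "Promiscuous mode"; the `esxcli` line in the comments is an assumed spelling of those flags and should be checked against `esxcli ... --help`. Both functions read from stdin so they run offline on the constructed sample text below; the container interface name `eth0`, the `volatile.eth0.hwaddr` column and the sample output are assumptions about the setup.

```shell
#!/bin/sh
# Added example, not from the original post or from LXD. Both functions take
# command output on stdin; the live invocations are given in comments.

# promisc_count: print the kernel's promiscuity counter for the device shown
# in `ip -d link show <dev>` output. 0 means nothing on the host has put the
# parent NIC into promiscuous mode (LXD macvlan does not need it).
# Live use:  ip -d link show eth0 | promisc_count
promisc_count() {
    awk '
        /promiscuity/ {
            for (i = 1; i <= NF; i++)
                if ($i == "promiscuity") { print $(i + 1); exit }
        }' "$@"
}

# required_macs: number of distinct MACs the vSwitch port must accept: the
# VM NIC's own MAC (first argument) plus one per container. Input is the
# CSV from `lxc list`, one "name,mac" row per container (assumed column
# name volatile.eth0.hwaddr, i.e. the container's eth0).
# Live use:  lxc list --format csv -c n,volatile.eth0.hwaddr:MAC \
#              | required_macs "$(cat /sys/class/net/eth0/address)"
required_macs() {
    host_mac=$1
    {
        printf '%s\n' "$host_mac" | tr 'A-Z' 'a-z'
        awk -F, 'NF >= 2 && $2 != "" { print tolower($2) }'
    } | sort -u | wc -l | tr -d ' '
}

# Constructed sample output (not captured from a real host).
SAMPLE_IP_LINK='2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 00:50:56:ab:cd:ef brd ff:ff:ff:ff:ff:ff promiscuity 1 minmtu 68 maxmtu 9000 addrgenmode eui64 numtxqueues 4 numrxqueues 4'
SAMPLE_LXC_LIST='c1,00:16:3e:aa:bb:01
c2,00:16:3e:aa:bb:02
c3,00:16:3E:AA:BB:03'

# Demo run on the samples. With forged transmits / MAC changes allowed on the
# vSwitch port, promiscuity can go back to 0 and the port only has to accept
# the MAC count printed here. Assumed esxcli flag spelling, verify locally:
#   esxcli network vswitch standard policy security set -v vSwitch0 \
#       --allow-forged-transmits=true --allow-mac-change=true --allow-promiscuous=false
printf 'parent NIC promiscuity counter: %s\n' \
    "$(printf '%s\n' "$SAMPLE_IP_LINK" | promisc_count)"
printf 'MACs the vSwitch port must accept: %s\n' \
    "$(printf '%s\n' "$SAMPLE_LXC_LIST" | required_macs 00:50:56:ab:cd:ef)"
```

A non-zero promiscuity counter after you have removed promiscuous mode on the VMware side points at something on the guest itself (a capture tool, a bridge) holding the NIC promiscuous, not at LXD.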