Hey everyone,
I know there has been a lot of people who have separate isolated networks for certain containers or VMs but I'm unable to find a clear cut set of instructions on how to properly get everything working with the kind of setup that I want to achieve. I am also not very intellectual when it comes to networking and hope someone is able to help me understand it just a bit more.
Context:
I am getting into setting up my own CCTV system using the Frigate docker container (open to other suggestions as well). I currently have been using the main network interface eth0 for everything. Now that I want to setup CCTV, I decided to get an unmanaged PoE switch and have it directly connected to my Unraid server as a separate eth1 interface. Then the only connections other than the Unraid server itself to the switch, would be all of the IP PoE cameras. There would be no connection between the PoE switch to my main router. This way from my understanding, isolates and blocks all outbound traffic. Here is what my eth1 interface configuration looks like:
I have also enabled the br1 custom network in the Docker settings:
Now I'm able to create the Frigate docker container and have it use the br1 network just fine. It is also able to pick up the test camera that I had defined a static IP for within that subnet prior to hooking it up to the PoE switch.
However I am unable to access the web UI of Frigate from within my LAN ie: my personal computer accessing the Unraid admin UI and then attempting to open the web UI of the Frigate docker container. The way that I can actually open the Frigate docker container web UI is by using an Unraid VM on the br1 network, defining my own IP on the subnet, and then hitting the web UI URL:PORT.
Could anyone provide some guidance on what I would need to do to be able to expose the web UI of that Frigate docker container on that different network interface to my LAN or if this is even possible? I could have completely botched my understanding of how I should be going about isolating these PoE IP cameras (both hardware and network configuration). If this isn't possible with the current path I've taken, would someone be able to provide some guidance for me on what the correct approach actually is? Any help or information would be super appreciated.
Thank you!