I'm playing around with this container at the moment, and some of my docker routing knowledge has gone rusty, at least I think that's what's going in.
Problem: Subnet scans are incomplete.
Observations:
1: Most of the Unraid docker containers are running on the default Bridge.
2: I presumed for network scanning purposes that PHPIPAM would want to be on the second bridge I setup (br0) that uses the Docker network MACVLAN driver to allow IP addressing on the specified subnet (the same subnet Unraid lives on). Am I overcomplicating this unnecessarily? On a brief test deploying it instead to the host network it seemed like it was resolving docker 172.16.* addresses, not the 'physical' IP subnet of 192.168.1.0/24, which I suppose makes sense.
3: IIRC MACVLAN driven networks are incapable of communication with the docker host network.
4: Something something IPVLAN is better than MACVLAN?
4: The PHPIPAM-cron container requires NET_ADMIN and NET_RAW capabilities granted, in order to perform scans, and that seems to not be set by default (probably for security).
Anyone who has this setup in a relatively straightforward way to scan a straightforward IP subnet, and could point me in the right direction would be helpful. I'll continue searching and update my findings here if I figure it out myself.
[Support] SAL-e - phpIPAM
in Docker Containers
Posted
I'm playing around with this container at the moment, and some of my docker routing knowledge has gone rusty, at least I think that's what's going in.
Problem: Subnet scans are incomplete.
Observations:
1: Most of the Unraid docker containers are running on the default Bridge.
2: I presumed for network scanning purposes that PHPIPAM would want to be on the second bridge I setup (br0) that uses the Docker network MACVLAN driver to allow IP addressing on the specified subnet (the same subnet Unraid lives on). Am I overcomplicating this unnecessarily? On a brief test deploying it instead to the host network it seemed like it was resolving docker 172.16.* addresses, not the 'physical' IP subnet of 192.168.1.0/24, which I suppose makes sense.
3: IIRC MACVLAN driven networks are incapable of communication with the docker host network.
4: Something something IPVLAN is better than MACVLAN?
4: The PHPIPAM-cron container requires NET_ADMIN and NET_RAW capabilities granted, in order to perform scans, and that seems to not be set by default (probably for security).
Anyone who has this setup in a relatively straightforward way to scan a straightforward IP subnet, and could point me in the right direction would be helpful. I'll continue searching and update my findings here if I figure it out myself.