CrimsonTyphoon

  1. Hello, I followed @SpaceInvaderOne's excellent guide on reverse proxy w/ letsencrypt. I want to get the custom network (i.e. proxynet) its own IP address so I can assign dockers on it their own IP addresses (mainly only one, the letsencrypt docker). I want to do this because I want to expose 80 and 443, but I cannot because unraid is using these ports (I do not want to change the unraid port). Is this possible?
  2. Exact same issue, I recently moved my Dockers/VMs to an unassigned SSD and they do not autostart. Help?
  3. My favorite unRAID feature: VMs
     One thing I would like to see: Multiple arrays
  4. Okay. Let me explain my situation and summarize my last few posts... let's get some new light in here!

     pfsense router - 192.168.8.1 (pfsense also acts as DNS server) (network is 192.168.8.0/24)
     unraid - 192.168.8.151
     br0 - dockers on unraid's IP (192.168.8.151:XXXX) & VMs
     br1.15 - dockers with their own IP. br1.15 is linked to VLAN 15, which I can access no problem throughout my LAN (i.e. sabnzbd.domain.com, sonarr.domain.com)
     Wireguard network: 10.253.0.0/24
     Wireguard is set for remote tunnel access (Allow 0.0.0.0/24) and using pfsense as DNS server (192.168.8.1)

     pfsense has a static route set up:

         Network          Gateway                   Interface
         10.253.0.0/16    unRAID - 192.168.8.151    Vlan_Internal

     Things that work through wireguard VPN:
       • Access the internet with unraid/pfsense's WAN IP
       • Access my lan (192.168.8.0/24)
       • Access unraid server
       • Access unraid VMs (they have their own IP on 192.168.8.0/24)
       • Access dockers running on unraid (192.168.8.151:XXXX)
       • DNS lookup dockers with their own IP (i.e. sabnzbd.domain.com resolves to 192.168.8.175). This is a host override in pfsense settings; it will not resolve to any other DNS server, only on my network.

     Things that don't work through wireguard VPN:
       • Access dockers w/ their own IP (i.e. sabnzbd.domain.com or 192.168.8.175 does not work)
       • Ping dockers with their own custom IP (see below for example)

     I am looking to be able to access my dockers with their own IP through the wireguard VPN connection.

     Things I have tried / notes:
       • wireguard settings Nat OFF or Nat ON. Nat OFF nothing works, Nat ON is the behavior above.
       • unraid's routing table:

         PROTOCOL   ROUTE              GATEWAY                METRIC
         IPv4       default            192.168.8.1 via br0    1
         IPv4       10.253.0.2         wg0                    1
         IPv4       172.17.0.0/16      docker0                1
         IPv4       192.168.8.0/24     br0                    1
         IPv4       192.168.122.0/24   virbr0                 1

       • Ping on my local LAN:

         $ traceroute 192.168.8.175
          1?: [LOCALHOST]                      pmtu 1500
          1:  sabnzbd.domain.com               10.045ms reached
          1:  sabnzbd.domain.com               2.332ms reached
              Resume: pmtu 1500 hops 1 back 1

       • Ping through the wireguard tunnel:

         $ traceroute 192.168.8.175
          1?: [LOCALHOST]                      pmtu 1280
          1:  10.253.0.1                       52.842ms
          1:  10.253.0.1                       63.555ms
          2:  no reply
          3:  no reply
         ^C

       • Rebooted pfsense and unraid
       • Made sure there were allow rules in pfsense
       • Pfsense does not show anything in logs blocking the 10.253.0.0/16 network.

     So... who's got ideas?
  5. Through wireguard, I cannot access dockers that have custom IPs.....
  6. @bonienl First and foremost, thank you for all of your help and your wonderful plugin! Everything you do for the community is greatly appreciated :-)

     I did some troubleshooting but still no dice. I turned off NAT in wireguard settings. Nothing works (no surprise there?). When I do an nslookup, I get an error message, "Got recursion not available from 8.8.4.4, trying next server". Then it does not work and I get, "server cannot find sabnzbd.domain.com: Refused". This is interesting - I specifically put my pfsense router as the DNS server. However, when I turn on NAT and do the same thing, it uses 8.8.8.8, and resolves sabnzbd.domain.com.

     Note: sabnzbd.domain.com will only resolve internally, as I have a domain override in pfSense. Therefore, even though it says it's using 8.8.8.8 it is really using 192.168.8.1 (pfsense).

     I did a packet capture on the lan port on pfSense:
       - When I visit a docker with its own IP, I do not see the packet.
       - When I visit a docker with unraid's IP, I do not see the packet. This makes sense because unraid is not sending it to the router and back, it's routing it internally.

     Because I don't see the packet both times I am going to assume that the macvlan driver is blocking it as a docker security mechanism (again, I am not an expert in networking, so for all I know I am completely off base here). I actually had this same problem with the OpenVPN docker, but gave up and just used OpenVPN on pfsense.

     Going to try to make a new vlan, and assign unraid to it somehow so wireguard only uses that interface? Back to the drawing board I suppose (although since I have to stop the array, gotta wait until the server is not in use :-) )
  7. Here you go:

     On Wifi:

         $ traceroute 192.168.8.175
          1?: [LOCALHOST]                      pmtu 1500
          1:  sabnzbd.domain.com               10.045ms reached
          1:  sabnzbd.domain.com               2.332ms reached
              Resume: pmtu 1500 hops 1 back 1

     On Wireguard:

         $ traceroute 192.168.8.75
          1?: [LOCALHOST]                      pmtu 1280
          1:  10.253.0.1                       52.842ms
          1:  10.253.0.1                       63.555ms
          2:  no reply
          3:  no reply
         ^C

     I am not a network expert, but it seems that the unRaid server (10.253.0.1) gets the packet, but has no idea what to do with it and drops it? I do not see it blocked in my pfSense logs either.
  8. Hmm, I use the pfSense as the DNS server, because I have custom entries pointing to my various dockers (sabnzbd.domain.com, sonarr.domain.com, etc.). They all sit behind my reverse proxy docker at 192.168.8.175. I have updated the latest version of the plugin to add the DNS settings.

     Going directly to the domain (sabznbd.domain.com, thru reverse proxy) or accessing directly via IP (192.168.8.100) does not work. Through the WebUI it goes through the IP and does not work either :-/

     Edit: Here is unRAID's routing table:

         PROTOCOL   ROUTE              GATEWAY                METRIC
         IPv4       default            192.168.8.1 via br0    1
         IPv4       10.253.0.2         wg0                    1
         IPv4       172.17.0.0/16      docker0                1
         IPv4       192.168.8.0/24     br0                    1
         IPv4       192.168.122.0/24   virbr0                 1
  9. I have "remote tunnel access" enabled for my peer (the client has AllowedIPs=0.0.0.0/0 to tunnel all traffic thru the VPN tunnel). Updated OP to reflect this.
  10. Hello, I must be close but can't figure out the last piece of the puzzle! I have gotten wireguard working, but cannot access dockers not on the bridge network (aka dockers with their own IP).

      I cannot access dockers with their own IP (192.168.8.0/24).
      I can access dockers on unraid's IP (192.168.8.151).

      Wireguard network: 10.253.0.0/24
      Router: 192.168.8.1
      Unraid IP: 192.168.8.151 (network 192.168.8.0/24)

      I have "remote tunnel access" enabled for my peer (the client has AllowedIPs=0.0.0.0/0 to tunnel all traffic thru the VPN tunnel).

      Here's my pfSense static route:

          Network          Gateway                   Interface
          10.253.0.0/16    unRAID - 192.168.8.151    Vlan_Internal

      What am I missing?
  11. Hello, I stopped using this docker for a while because I couldn't do what I wanted to do w/ it, but with all the updates I thought I would crack at it again:

      Vlan 5 - Main network
      Vlan 15 - Docker network for Sabnzbd, Sonarr, Radarr, etc.

      If I run this container in bridge mode (Vlan 5), I cannot access Vlan 15 because of the macvlan driver (expected behavior). I can't get the OpenVPN server to start if I run in host, br1.5, br1.15, etc.

      So how can I run this in bridge mode and be able to access the Vlan15 network? Do I need a static route on my router? (using pfSense)
  12. I would like to know this as well. I want to run it on one of my customer networks (br1.20) so it can access dockers and the unRAID host, but could never figure it out.
  13. Here are my settings under 6.5.3 / 6.6.0

      IPv4 custom network on interface br0:
        Subnet: 192.168.20.0/24
        Gateway: 192.168.20.1
        DHCP pool: not set

      IPv4 custom network on interface br1.10:
        Subnet: 192.168.10.0/24
        Gateway: 192.168.10.1
        DHCP pool: not set

      IPv4 custom network on interface br1.20:
        Subnet: 192.168.20.0/24
        Gateway: 192.168.20.254
        DHCP pool: not set

          NETWORK ID     NAME      DRIVER    SCOPE
          b9b4178725d9   br0       macvlan   local
          0b839cad0823   br1.10    macvlan   local
          37bff31973a8   br1.20    macvlan   local
          e1ef694e36c7   bridge    bridge    local
          f9bfd58f90c4   host      host      local
          7759dbce282b   none      null      local

      Under 6.5.3, I can set the network type to any of the networks when adding/updating a container. In 6.6.0, I can pick everything except br1.20