How do you secure your unRAID network?


Konfitüre

Recommended Posts

Hi

If you put your Docker containers on the bridge network, they can reach other containers on that network and not the host (which is good) but they can't reach the Internet.
If you put your Docker containers on the br0 network, they can reach other containers on that network and not the host (which is good) but any device outside my Docker can reach that Docker.
My home network is 192.168.6.0
My server has IP address 192.168.6.10
The br0 network is also 192.168.6.0

I have 3 network cards in the server.
1: eth0 with br0
2: eth1 with br1
3: eth2 with br2
But when I create a docker network with br1 or br2, these containers do not get access to the web.
I would like to have the Docker containers on a separate network 172.16.0.0 so they can get to the internet and not the host.
As an example of what I would like:
Nextcloud with 172.16.0.5 can get to the internet, cannot reach the unRAID host 192.168.6.10 and cannot be reached from 192.168.6.0. Nextcloud is only reachable from the outside via a proxy that has a leg in both networks (192.168.6.6 and 172.16.0.6).
Unfortunately I have no idea how to do this without a firewall.
How do you do this at home?

 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.