June 30, 20233 yr So I switched my docker from macvlan to ipvlan due to the posts that say it fixed their server crashes. The only issue is that I use MAC filtering at my router to only allowed known MACs to access the internet (reason: kids have firewall rules that prevent wifi access at night). Since ipvlan does not support setting MACs, how do I allow a docker access to the internet when using MAC address filtering? If I understand right, the docker container assumes the same MAC as the host, IE, the bare metal unraid box. I already tried and I can't add two DHCP reservations in my router with the same MAC. In case it's useful, my router is pfsense and I have the "Enable static ARP entries" ticked, this is how I enforce known MACs. I add static DHCP reservations for each device (including docker containers) on my network. Edited June 30, 20233 yr by nerbonne Adding router info
July 2, 20233 yr Author No one? Well, in the meantime, I switched back to macvlan and my NAS continues to crash... Jul 2 18:12:42 NAS2 kernel: ------------[ cut here ]------------ Jul 2 18:12:42 NAS2 kernel: WARNING: CPU: 6 PID: 897 at net/netfilter/nf_conntrack_core.c:1210 __nf_conntrack_confirm+0xa4/0x2b0 [nf_conntrack] Jul 2 18:12:42 NAS2 kernel: Modules linked in: macvlan xt_mark tun veth xt_nat xt_tcpudp xt_conntrack nf_conntrack_netlink nfnetlink xfrm_user xfrm_algo xt_addrtype br_netfilter md_mod zfs(PO) zunicode(PO) zzstd(O) zlua(O) zavl(PO) icp(PO) zcommon(PO) znvpair(PO) spl(O) tcp_diag inet_diag iptable_nat xt_MASQUERADE nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 wireguard curve25519_x86_64 libcurve25519_generic libchacha20poly1305 chacha_x86_64 poly1305_x86_64 ip6_udp_tunnel udp_tunnel libchacha ip6table_filter ip6_tables iptable_filter ip_tables x_tables af_packet 8021q garp mrp bridge stp llc bonding tls edac_mce_amd edac_core kvm_amd kvm btusb btrtl btbcm btintel crct10dif_pclmul bluetooth crc32_pclmul crc32c_intel igb ghash_clmulni_intel sha512_ssse3 aesni_intel nvme crypto_simd i2c_algo_bit sr_mod i2c_piix4 cryptd input_leds wmi_bmof asus_ec_sensors ecdh_generic rapl joydev cdrom led_class k10temp ccp nvme_core ecc i2c_core ahci libahci wmi button acpi_cpufreq unix Jul 2 18:12:42 NAS2 kernel: CPU: 6 PID: 897 Comm: kworker/u64:11 Tainted: P O 6.1.36-Unraid #1 Jul 2 18:12:42 NAS2 kernel: Hardware name: System manufacturer System Product Name/ROG STRIX X570-I GAMING, BIOS 3602 03/05/2021 Jul 2 18:12:42 NAS2 kernel: Workqueue: events_unbound macvlan_process_broadcast [macvlan] Jul 2 18:12:42 NAS2 kernel: RIP: 0010:__nf_conntrack_confirm+0xa4/0x2b0 [nf_conntrack] Jul 2 18:12:42 NAS2 kernel: Code: 44 24 10 e8 e2 e1 ff ff 8b 7c 24 04 89 ea 89 c6 89 04 24 e8 7e e6 ff ff 84 c0 75 a2 48 89 df e8 9b e2 ff ff 85 c0 89 c5 74 18 <0f> 0b 8b 34 24 8b 7c 24 04 e8 18 dd ff ff e8 93 e3 ff ff e9 72 01 Jul 2 18:12:42 NAS2 kernel: RSP: 0018:ffffc9000035cd98 EFLAGS: 00010202 Jul 2 18:12:42 NAS2 kernel: RAX: 0000000000000001 RBX: ffff8881027f7d00 RCX: 1ac922c56511f0f6 Jul 2 18:12:42 NAS2 kernel: RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8881027f7d00 Jul 2 18:12:42 NAS2 kernel: RBP: 0000000000000001 R08: af5d141a55de42a1 R09: 6808344e0185ab68 Jul 2 18:12:42 NAS2 kernel: R10: b66b60a2e2088e72 R11: ffffc9000035cd60 R12: ffffffff82a11440 Jul 2 18:12:42 NAS2 kernel: R13: 000000000000f449 R14: ffff8881030c9b00 R15: 0000000000000000 Jul 2 18:12:42 NAS2 kernel: FS: 0000000000000000(0000) GS:ffff88880e980000(0000) knlGS:0000000000000000 Jul 2 18:12:42 NAS2 kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 Jul 2 18:12:42 NAS2 kernel: CR2: 000003218c0d7000 CR3: 0000000164a7e000 CR4: 0000000000350ee0 Jul 2 18:12:42 NAS2 kernel: Call Trace: Jul 2 18:12:42 NAS2 kernel: <IRQ> Jul 2 18:12:42 NAS2 kernel: ? __warn+0xab/0x122 Jul 2 18:12:42 NAS2 kernel: ? report_bug+0x109/0x17e Jul 2 18:12:42 NAS2 kernel: ? __nf_conntrack_confirm+0xa4/0x2b0 [nf_conntrack] Jul 2 18:12:42 NAS2 kernel: ? handle_bug+0x41/0x6f Jul 2 18:12:42 NAS2 kernel: ? exc_invalid_op+0x13/0x60 Jul 2 18:12:42 NAS2 kernel: ? asm_exc_invalid_op+0x16/0x20 Jul 2 18:12:42 NAS2 kernel: ? __nf_conntrack_confirm+0xa4/0x2b0 [nf_conntrack] Jul 2 18:12:42 NAS2 kernel: ? __nf_conntrack_confirm+0x9e/0x2b0 [nf_conntrack] Jul 2 18:12:42 NAS2 kernel: ? nf_nat_inet_fn+0xc0/0x1a8 [nf_nat] Jul 2 18:12:42 NAS2 kernel: nf_conntrack_confirm+0x25/0x54 [nf_conntrack] Jul 2 18:12:42 NAS2 kernel: nf_hook_slow+0x3d/0x96 Jul 2 18:12:42 NAS2 kernel: ? ip_protocol_deliver_rcu+0x164/0x164 Jul 2 18:12:42 NAS2 kernel: NF_HOOK.constprop.0+0x79/0xd9 Jul 2 18:12:42 NAS2 kernel: ? ip_protocol_deliver_rcu+0x164/0x164 Jul 2 18:12:42 NAS2 kernel: __netif_receive_skb_one_core+0x77/0x9c Jul 2 18:12:42 NAS2 kernel: process_backlog+0x8c/0x116 Jul 2 18:12:42 NAS2 kernel: __napi_poll.constprop.0+0x2b/0x124 Jul 2 18:12:42 NAS2 kernel: net_rx_action+0x159/0x24f Jul 2 18:12:42 NAS2 kernel: __do_softirq+0x129/0x288 Jul 2 18:12:42 NAS2 kernel: do_softirq+0x7f/0xab Jul 2 18:12:42 NAS2 kernel: </IRQ> Jul 2 18:12:42 NAS2 kernel: <TASK> Jul 2 18:12:42 NAS2 kernel: __local_bh_enable_ip+0x4c/0x6b Jul 2 18:12:42 NAS2 kernel: netif_rx+0x52/0x5a Jul 2 18:12:42 NAS2 kernel: macvlan_broadcast+0x10a/0x150 [macvlan] Jul 2 18:12:42 NAS2 kernel: ? _raw_spin_unlock+0x14/0x29 Jul 2 18:12:42 NAS2 kernel: macvlan_process_broadcast+0xbc/0x12f [macvlan] Jul 2 18:12:42 NAS2 kernel: process_one_work+0x1ab/0x295 Jul 2 18:12:42 NAS2 kernel: worker_thread+0x18b/0x244 Jul 2 18:12:42 NAS2 kernel: ? rescuer_thread+0x281/0x281 Jul 2 18:12:42 NAS2 kernel: kthread+0xe7/0xef Jul 2 18:12:42 NAS2 kernel: ? kthread_complete_and_exit+0x1b/0x1b Jul 2 18:12:42 NAS2 kernel: ret_from_fork+0x22/0x30 Jul 2 18:12:42 NAS2 kernel: </TASK> Jul 2 18:12:42 NAS2 kernel: ---[ end trace 0000000000000000 ]---
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.