Rich, posted July 3, 2023 (edited July 9, 2023 by Rich):

I've just added a (working) NIC to my server to function as eth1, however after setting up and installing dockers on br1 I realised nothing on the network has internet access. I can ping from outside the network inward and from inside the network to other local IPs, however I am not able to get access out of the network. After a quick Google I found results saying I needed to keep the gateway for eth1 blank in network settings, which I then did, however no luck with outward access. Settings are as below. Would really appreciate some pointers here as I've been at this for hours with no luck. Thanks.

Vr2Io, posted July 3, 2023:

To access the Internet, you need to fill in the gateway, and your router also needs to support multi-subnet.

Rich, posted July 3, 2023:

Thanks for the reply. I'm confused at why other posts say the gateway should be empty? Also I have a UDM Pro set up with multiple subnets, the two in question are visible in the screenshots above. I started with the gateway populated and still no internet access for the dockers. I have triple tested that a laptop on the new subnet can access the internet, which it can, so it doesn't appear to be an issue with UDM Pro network settings.

Rich, posted July 4, 2023:

Tried again with and without a gateway for eth1 and still no luck. What am I missing?

Vr2Io, posted July 4, 2023 (edited July 4, 2023 by Vr2Io):

4 hours ago, Rich said:
> I'm confused at why other posts say the gateway should be empty?

One of the reasons is that some users connect their 10G NIC peer to peer directly, so there is no Internet (actually, other-subnet traffic) in that network; if a gateway is set, it will mess up the routing path. There are also different reasons for setting that. For example, I blank the gateway on the Unraid 2nd NIC, but docker has the gateway manually set for Internet access, so Unraid can access a different docker network by routing the traffic to the router, which then routes it back to the docker network, without "host access enable".

1 hour ago, Rich said:
> What am I missing?

Do you mean docker in br1? If yes, please troubleshoot by pinging the router & internet inside docker (console).

Rich, posted July 4, 2023:

For clarity, what I am trying to do is add a NIC to the server, set it up as eth1 and then set 5ish dockers to use br1 so they can use the NIC to access a separate network and get internet access via that network / eth1/br1. Is that actually possible? The settings I have currently are as pictured. From the Docker console, for a docker on eth0/br0 I can ping its gateway and 1.1.1.1. For a docker on eth1/br1, with the pictured settings, I cannot ping its gateway but can ping 1.1.1.1. Really appreciate any help provided.

Rich, posted July 4, 2023:

OK, so I can now ping the gateway and 1.1.1.1 from the docker console connected to the NIC. What isn't working is pinging an address, e.g. google.com, which points towards a DNS problem. Is that likely, as I'd read that eth1 should use the DNS settings from eth0?

Rich, posted July 4, 2023:

If I run docker network ls and then docker network inspect xxxxxx on the bridge, none of the eth1 dockers appear in the list. Assuming this is why the dockers aren't getting DNS?

Vr2Io, posted July 4, 2023 (edited July 5, 2023 by Vr2Io):

6 hours ago, Rich said:
> Ok, so i can now ping the gateway and 1.1.1.1 from the docker console

That's great.

6 hours ago, Rich said:
> What isn't working is pinging an address, e.g. google.com, which points towards a DNS problem.

It should use the DNS set in Unraid, so docker at br1 won't reach your DNS 192.168.10.214. For example, one of my Unraid configs uses local DNS (Pihole); checking the docker (192.168.9.7), it will use that too.

Rich, posted July 5, 2023:

That's what I had gathered from reading different posts; DNS is effectively passed through / inherited from system level and not configured locally (eth1). But why isn't it working in this case?

Vr2Io, posted July 5, 2023 (edited July 5, 2023 by Vr2Io):

5 hours ago, Rich said:
> not configured locally (eth1).

Yes, so DNS must be accessible from both subnets (br0, br1). The common setting is to use Internet DNS; if you want to use local DNS, then you need some advanced network design / config.

Rich, posted July 5, 2023 (marked as Solution):

Understood. So DNS isn't passed through to br1, br1 simply uses the same DNS address that br0 has been set to. Assuming I've understood things correctly, I just need to add a firewall rule to allow my br1 network access to the DNS IP on br1. Thanks for your help.

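The troubleshooting sequence from this thread (ping the gateway, ping 1.1.1.1, resolve a name, then check which subnet the DNS server sits in), as an added example that is not part of any post above. Function names are hypothetical, `nslookup` is assumed to exist in the container, and the br1 subnet is an argument because the thread only shows it in screenshots.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Dotted-quad IPv4 address -> integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# Succeeds if address $1 lies inside CIDR $2.
in_subnet() {
    net=${2%/*}; bits=${2#*/}
    mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
    [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]
}

# IPv4 nameserver entries from resolv.conf text on stdin.
nameservers() {
    awk '$1 == "nameserver" && $2 ~ /^[0-9.]+$/ { print $2 }'
}

# $1 gateway ping, $2 ping of 1.1.1.1, $3 name lookup (each ok|fail),
# $4 the container's subnet; resolv.conf text on stdin.
diagnose() {
    gw=$1 ip=$2 dns=$3 cidr=$4
    if [ "$ip" = fail ]; then
        # No IP path out: first hop unreachable, or a problem beyond it.
        if [ "$gw" = fail ]; then echo gateway; else echo routing; fi
        return 0
    fi
    if [ "$dns" = ok ]; then echo ok; return 0; fi
    # IP works, names do not: where does each resolver sit?
    nameservers | while read -r ns; do
        if in_subnet "$ns" "$cidr"; then echo "dns-same-subnet $ns"
        else echo "dns-cross-subnet $ns"   # router/firewall must allow port 53
        fi
    done
}

probe() { if "$@" >/dev/null 2>&1; then echo ok; else echo fail; fi; }

# Live use inside the container: sh dnscheck.sh --live <gateway> <subnet-cidr>
if [ "${1:-}" = "--live" ]; then
    diagnose "$(probe ping -c1 -W2 "$2")" "$(probe ping -c1 -W2 1.1.1.1)" \
             "$(probe nslookup google.com)" "$3" < /etc/resolv.conf
fi
```

If the container's /etc/resolv.conf lists 127.0.0.11 (Docker's embedded resolver), pipe the host's resolv.conf into `diagnose` instead, since that is where the upstream DNS address is set.
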
p4ci, posted March 14:

On 7/5/2023 at 9:17 PM, Rich said:
> Understood. So DNS isn't passed through to br1, br1 simply uses the same DNS address that br0 has been set to. Assuming i've understood things correctly, i just need to add a firewall rule to allow my br1 network access to the DNS IP on br1. Thanks for your help.

You OK with second NIC for configure others dockers on this eth1? Thanks, I have this problem.