Nginx reverse proxy + VLAN + pfSense

I don't think this is specific to the specific container, but if mods want to move the thread that's fine.

Intended outcome

To be able to access Jellyfin through a reverse proxy, where the proxy and the Jellyfin container are on their own VLAN.

The config

I currently have issues with getting my subdomain via Cloudflare (proxied) to resolve my Jellyfin container out to the internet. Here's a basic setup of my config. I am only going to specify the parts of the network that are involved in the process. Everything on Cloudflare works fine.

 

Router: pfSense (192.168.0.1)

Subnet Unraid server: VLAN 2 (10.0.2.10)

Subnet with containers: VLAN 20 (10.0.20.10)

pfSense has NAT firewall rules to pass HTTP and HTTPS traffic that redirect to VLAN 20 addresses (non-specific). Making it specific doesn't change the outcome. VLAN 20 has access to the internet and DNS resolves fine. The VLANs have rules that ensure the required connectivity between the VLANs for specific services.

 

My docker network looks like this:

 

NETWORK ID     NAME      DRIVER    SCOPE
453b516b189b   br0       ipvlan    local
6357053a24a9   br0.20    ipvlan    local
57dec04655a4   bridge    bridge    local

 

My routing table looks like this:

PROTOCOL   ROUTE              GATEWAY           METRIC
IPv4       10.0.2.0/24        br0               1
IPv4       172.17.0.0/16      docker0           0
IPv4       172.18.0.0/16      br-800f922a0e86   0
IPv4       192.168.0.0/24     br1               1
IPv4       192.168.122.0/24   virbr0            0

The problem and my thoughts that I need help with

If I run the setup on VLAN 2 in bridge mode, i.e. on the server itself, everything works fine. As soon as I set it up on VLAN 20, I get a 522 from Cloudflare.

 

From what I've read from various places, there are two proposed solutions, but I don't have the networking know-how to implement them. One is adding Split DNS in my config, which I'm not exactly sure how to configure even though I know where it is in the admin panel. And my other thought is that the routing table is missing bridging from br0 to the specific VLAN, but I'm also lacking the required networking knowledge to do this correctly as well. I tried a lot of things yesterday and ended up having to revert to a Flash backup because the config got messed up. So I thought it's best to ask for help the second time around.

 

I know there are a lot of elements to this config, but I'm hoping there is a fellow Unraider and pfSense geek out there that can help me resolve this issue or give me a fresh set of ideas. Please let me know if there is missing information here. Thank you very much!

Edited by tuxflux1

Solved by tuxflux1
