freetgy Posted April 7
I was reading the following thread, which did not provide a solution to the question raised. I have Dockers and VMs running on a different IP than the Host IP.
1. I have set up Wireguard to connect to the Unraid Server, working fine.
2. I'd like to access now the other Dockers and VMs as well, but based on my current setup there is no connection.
3. My issue is that my Router does not support static routing.
Is there a way to resolve this feature gap my router has? I am hoping there is maybe a way to let the Host (Unraid) route the call of the remote device to the respective Docker/VM IP?

bmartino1 Posted April 7 (edited)
I don't understand the problem. This is done under settings: When I connect to my tunnel I can hit my dockers' IPs: Pi-hole, Unraid GUI... etc... I'm also running a macvlan docker network.

bmartino1 Posted April 7
I would instead recommend the ssh tool for users, and recommend using ssh tunneling to specify the port and IP you are trying to access. https://www.godaddy.com/resources/skills/how-to-set-up-an-ssh-tunnel-with-putty Use PuTTY and the client machine's localhost to access the service over the ssh tunnel. This way you can control the IP scheme you connect to.

bmartino1 Posted April 7
If you go to Settings, Network Settings, you can add a custom IP route; the gateway would be the Unraid host IP... and the custom IP scheme...

freetgy Posted April 7
6 minutes ago, bmartino1 said: I don't understand the problem.

See my Wireguard Setting:
My Unraid is 192.168.2.201
My Docker is e.g. 192.168.2.208
Access to Unraid works fine, no access to docker on 192.168.2.208 with the above config.

bmartino1 Posted April 7 (edited)
I'm running 6.12.10. Your WireGuard tunnel doesn't look right to me. I'm also using UPnP; you may be missing your static route...

freetgy Posted April 7 (edited)
10 minutes ago, bmartino1 said: If you go to Settings, Network Settings, you can add a custom IP route; the gateway would be the Unraid host IP... and the custom IP scheme...

Done, but address still not reachable: Running 6.12.10 as well.

bmartino1 Posted April 7
It appears that you are using a bridge network that is not carrying your network settings. I recommend some downtime and switching to a macvlan network driver for dockers. Since you are using bridge mode. You may have a misconfigured docker setting trying to use ipvlan...
Step 1: stop all VMs and dockers and disable them.
Step 2: disable bridging (optional: enable bonding).
Step 3: go to Docker settings and set
Docker custom network type: macvlan
Host access to custom networks: Enabled
Enable Docker and enable VMs. The tunnel would also fail if Docker doesn't have host access to custom networks.

itimpi Posted April 7
Under the Peer Allowed IPs field you need to put entries for each subnet you want to be able to access via WireGuard.

bmartino1 Posted April 7
3 minutes ago, itimpi said: Under the Peer Allowed IPs field you need to put entries for each subnet you want to be able to access via WireGuard.

I think it's the Docker setting host access preventing this. I agree that adding the IP scheme there should fix this as well. That is not my current setting to allow access and access the IP schema.

freetgy Posted April 7 (edited)
OK, trying to follow all your guidance, step by step.
Added Host Access to Custom Networks on Docker
Added Route from 192.168.2.201 to 192.168.2.208
Docker Setting:
Example Docker:
Network Tab:
WireGuard
Result same for me: Access to 192.168.2.201 works, 192.168.2.208 does not. Rebooting the Server now just in case.

bmartino1 Posted April 7 (edited) Solution
Can you access any other 2.x address, such as your router, over the tunnel? If yes, it's your docker 2.208 settings. If no, it's a network/routing issue. Other than the bad route data, as metric should be 1, but that line ipv4 192.168.2.208 wg0 is not a good data route. That's telling Unraid that IP goes to interface wg0; no traffic would be making it across. I believe you should disable bridging. This may be causing a macvlan trace issue. Otherwise, set the Docker setting to ipvlan. You may also need to reboot the device.

freetgy Posted April 7 (edited)
As far as I can tell, ipv4 192.168.2.208 wg0 gets added automatically if I add 192.168.2.208 as allowed peer IPs under Wireguard VPN Manager.
• Removed 192.168.2.208 from allowed peers under VPN
• Disabled Bridging
The disabling of bridging did it, I think; access to all Dockers works now, as well as other network devices and router. Thank you very much for taking your time to support a newbie here. Thank you for your patience. I see I need to learn more network stuff to understand all the mechanics at play in Unraid. Any tips for a good read-up? Also, I fundamentally lack understanding of the difference between macvlan and ipvlan. I understand we should use ipvlan going forward as per the latest release notes of Unraid?
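
Added example, not part of any post in this thread: a small Python model of Linux longest-prefix route selection, showing why the auto-added host route `192.168.2.208 wg0` discussed above pulls traffic for the container away from the LAN interface. The routing table is constructed; the interface name `eth0` and the tunnel pool `10.253.0.0/24` are assumptions.

```python
import ipaddress

# Constructed routing table modelled on the thread's addresses; the interface
# name eth0 and the tunnel pool 10.253.0.0/24 are assumptions.
BASE_ROUTES = [
    ("0.0.0.0/0", "eth0"),
    ("192.168.2.0/24", "eth0"),
    ("10.253.0.0/24", "wg0"),
]
# The route that appeared after 192.168.2.208 was added as a peer allowed IP.
HOST_ROUTE = ("192.168.2.208/32", "wg0")


def parse(routes):
    return [(ipaddress.ip_network(prefix), dev) for prefix, dev in routes]


def lookup(routes, dst):
    """Return (prefix, dev) of the most specific route that contains dst."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, dev) for net, dev in parse(routes) if addr in net]
    if not matches:
        return None
    net, dev = max(matches, key=lambda m: m[0].prefixlen)
    return str(net), dev


def shadowed_by_tunnel(routes, tunnel_dev="wg0"):
    """List tunnel routes that sit inside a subnet reachable on another interface."""
    table = parse(routes)
    hits = []
    for net, dev in table:
        if dev != tunnel_dev:
            continue
        for other, other_dev in table:
            # Skip the default route: everything is a subnet of 0.0.0.0/0.
            if other_dev != tunnel_dev and other.prefixlen > 0 and net.subnet_of(other):
                hits.append((str(net), str(other), other_dev))
    return hits


if __name__ == "__main__":
    for label, table in (("without host route", BASE_ROUTES),
                         ("with host route", BASE_ROUTES + [HOST_ROUTE])):
        print(label, "->", lookup(table, "192.168.2.208"), shadowed_by_tunnel(table))
```

On a live host the same question is answered by `ip route get 192.168.2.208`, which prints the interface the kernel would actually use.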

bmartino1 Posted April 7
1 hour ago, freetgy said: As far as I can tell, ipv4 192.168.2.208 wg0 gets added automatically if I add 192.168.2.208 as allowed peer IPs under Wireguard VPN Manager.
• Removed 192.168.2.208 from allowed peers under VPN
• Disabled Bridging
The disabling of bridging did it, I think; access to all Dockers works now, as well as other network devices and router. Thank you very much for taking your time to support a newbie here. Thank you for your patience. I see I need to learn more network stuff to understand all the mechanics at play in Unraid. Any tips for a good read-up? Also, I fundamentally lack understanding of the difference between macvlan and ipvlan. I understand we should use ipvlan going forward as per the latest release notes of Unraid?

Kinda... from other posts I have made. Back in the Unraid version 6.9 era, before the Docker network choice of ipvlan vs macvlan, Unraid used macvlan for the default network communication. Unraid devs decided to move to ipvlan to fix other issues. They were starting to get issues with how they handled network bridging and how macvlan attached itself to gain access. These issues cause a kernel panic call trace, which can be seen to be worked on since version 6.12.x... Their dev team has made great strides to incorporate and maintain. But the default, while not setting the correct settings, are network to enable bridging and macvlan. There is an ongoing issue due to the nature of NIC and promiscuous mode. That causes the macvlan trace bug. The fix has been to turn off bridging or to use the Docker network driver for ipvlan. I'm a bit old school; I highly recommend this video going over the Docker networks. Please see posts: