April 9, 20242 yr Hi guys, I have an issue with Ubiquiti UDM se and Unraid. Basically the motherboard of my Unraid server has 2 LAN ports and I decided to assign 1 of them for Unraid only and with untagged Unraid VLAN --> No bonding. no binding Second port (used for docker containers and VMs) has VLAN Unraid untagged and tagged as IoT and Internal Services. --> No bonding. no binding First port (Unraid only) is connected to port 8 and assigned on VLAN Unraid while port 7 is for VM and docker is also by default exposed on Unraid VLAN. The problem is that UDM SE doesn't "understand" the MAC Addresses and assigns them wrong IPs. I set port 8 to have a fix 192.168.10.150 and port 7 assigned to 192.1168.10.160 but while port 8 takes the correct IP, port 7 just gets an IP of the VLAN for IoT Devices. Can you help me to understand? Unraid Server: Lan1 assigned with IP: 192.168.10.150 (Static IP on UDM AND assigned statically on Unraid as well) Lan2 assigned with IP: 192.168.10.160 (Static IP on UDM AND assigned statically on Unraid as well) UDM PRO: LAN1 of Unraid on port 7 (gets correct static IP) LAN2 of Unraid on port 8 gets an Ip of IoT VLAN while homeAssistant container gets the fixed IP reserved for the LAN2 Issue: The issue is that I can only access Unraid interface with tailscale on. Strange thing that happens is --> if docker service is active when I start Unraid then I can't access it through a local IP, while if I disable docker and reboot Unraid then I can reach Unraid when it comes back online without using Tailscale Edited April 9, 20242 yr by firstTimer
April 9, 20242 yr Author I forgot to me mention that those custom docker networks are with macvlan type of driver (ipvlan is simply greyed out)
April 10, 20242 yr 12 hours ago, firstTimer said: Unraid Server: Lan1 assigned with IP: 192.168.10.150 (Static IP on UDM AND assigned statically on Unraid as well) Lan2 assigned with IP: 192.168.10.160 (Static IP on UDM AND assigned statically on Unraid as well) Some router support same subnet for different VLAN, but most won't support that, I am not sure UDM support or not. But even UDM support, Unraid just not, so you need setting them in different subnet. And this not relate macvlan nor ipvlan. The advantage of use same subnet for different VLAN was IP assignment won't change even device sit on different VLAN. Edited April 10, 20242 yr by Vr2Io
April 10, 20242 yr Author 12 minutes ago, Vr2Io said: Some router support same subnet for different VLAN, but most won't support that, I am not sure UDM support or not. But even UDM support, Unraid just not, so you need setting them in different subnet. And this not relate macvlan nor ipvlan. The advantage of use same subnet for different VLAN was IP assignment won't change even device sit on different VLAN. @Vr2Io So it means that I should assign LAN2 to a different VLAN by default? Edited April 10, 20242 yr by firstTimer
April 10, 20242 yr 9 minutes ago, firstTimer said: @Vr2Io So it means that I should assign LAN2 to a different VLAN by default? No, LAN1 and LAN2 must different subnet. Vlan1 with lan1, vlan2 with lan2 Edited April 10, 20242 yr by Vr2Io
April 10, 20242 yr Author @Vr2Io This is what I meant: LAN1 (UnraidOnly) will go on VLAN Unraid with IP: 192.168.10.150 LAN2 (InternalServices and IoT) will go on VLAN Internal Services with IP: 192.168.20.160 Lan2 will eventually have an homeAssistant container which will be connected to IoT VLAN and 2 VMs which will be connected to the internalServices VLAN, this is possible right? Edited April 10, 20242 yr by firstTimer
April 10, 20242 yr 2 minutes ago, firstTimer said: @Vr2Io This is what I meant: LAN1 (UnraidOnly) will go on VLAN Unraid with IP: 192.168.10.150 LAN2(InternalServices and IoT) will go on VLAN Internal Servicess with IP: 192.168.20.160 Am I right? Yes ( assume subnet mask was 255.255.255.0 or /24 ) Edited April 10, 20242 yr by Vr2Io
April 10, 20242 yr Author @Vr2Io Yes all these vlans use same subnet mask 255.255.255.0 So to recap, in the end I will have a network like this: 3 VLANS: Unraid IoT InternalServices Physical connections: LAN1 of UnraidServer --> VLAN Unraid LAN2 of UnraidServer --> VLAN InternalServices VLAN Connections: HomeAssistant "phisically" connected on LAN2 but gets an IP from IoT VLAN 2 Win11 VMs "phisically" connected on LAN2 but get IPs from InternalServices Seems good to you? What confused me, I think is that even though each LAN port of the MB has a different MAC Address (just last octet changed) they are "recognized" badly Edited April 10, 20242 yr by firstTimer
April 10, 20242 yr 13 minutes ago, firstTimer said: @Vr2Io Yes all these vlans use same subnet mask 255.255.255.0 So to recap, in the end I will have a network like this: 3 VLANS: Unraid IoT InternalServices Physical connections: LAN1 of UnraidServer --> VLAN Unraid LAN2 of UnraidServer --> VLAN InternalServices VLAN Connections: HomeAssistant "phisically" connected on LAN2 but gets an IP from IoT VLAN 2 Win11 VMs "phisically" connected on LAN2 but get IPs from InternalServices Seems good to you? What confused me, I think is that even though each LAN port of the MB has a different MAC Address (just last octet changed) they are "recognized" badly I ( in fact most people ) will setting like that to separate the network as they need. - Main & Main IoT ( because they need communicate each other ) - Aux IoT - CCTV ( vlan666 ) - Guest Internet only Edited April 10, 20242 yr by Vr2Io
April 10, 20242 yr 9 hours ago, firstTimer said: What confused me, I think is that even though each LAN port of the MB has a different MAC Address (just last octet changed) they are "recognized" badly For me this not a problem, you will found I only use one port for all service, so many mac address under same port. I only care about what IP assignment make me easy to identify what they are. For example 1xx was mobile device in "Internet valn" 1st sister 11x ( so allow 0-9 device ) 2nd sister 12x 3rd brother 13x etc. And I use Wireshark to capture some important traffic too, i.e. DHCP assignment, easy to check in one place what device have access network Edited April 10, 20242 yr by Vr2Io
April 10, 20242 yr Author @Vr2Io Thanks for your help and explanations, it seems a little more stable the network now so now I still have 2 issues: Unraid isn't accessible though local IP once docker service starts VMs which should run on host1 (physical LAN2) network (even though I tried to refresh their generated mac) as soon as I start one of them, the Unraid UI just can't be reached anymore Edited April 10, 20242 yr by firstTimer
April 10, 20242 yr You use IP or domain to access Unraid GUI ?? Pls try use IP. If Unraid GUI unreachable, there should because two reason 1. Unraid GUI web service crash, pls check any abnormal from syslog. 2. Unraid MAC address resolve wrong to verify, type below command ( if Windows ) and check the MAC address correct or not arp -d ping -n 1 192.168.10.6 ( Unraid IP ) arp -a ( mark down the MAC address of Unraid ) < Start docker / VM > and Unraid unreachable ping -n 1 192.168.10.6 ( Unraid IP ) arp -a ( Check does MAC address still show and correct ) Edited April 10, 20242 yr by Vr2Io
April 10, 20242 yr Author 22 minutes ago, Vr2Io said: You use IP or domain to access Unraid GUI ?? Pls try use IP. If Unraid GUI unreachable, there should because two reason 1. Unraid GUI web service crash, pls check any abnormal from syslog. 2. Unraid MAC address resolve wrong to verify, type below command and check the MAC address correct or not arp -d ping -n 1 192.168.10.6 ( Unraid IP ) arp -a ( mark down the MAC address of Unraid ) < Start docker / VM > and Unraid unreachable ping -n 1 192.168.10.6 ( Unraid IP ) arp -a ( Check does MAC address still show and correct I tried both to use the IP and domain locally ( only domain works when using tailscale) when I try to ping -n IpOfUnraid --> the packets are lost with timeout This is strange because the Wifi is connected by default to another VLAN (Daily) I tried to ping the gateway of the Unraid VLAN and it works! Mac Address of Unraid is not even shown Edited April 10, 20242 yr by firstTimer
April 10, 20242 yr Could you try stop Tailscale ? Pls stop array and other service first, if no way to access Unraid UI again, then short press power button to shutdown and reboot Unraid. Edited April 10, 20242 yr by Vr2Io
April 10, 20242 yr Author 27 minutes ago, Vr2Io said: Could you try stop Tailscale ? Pls stop array and other service first, if no way to access Unraid UI again, then short press power button to shutdown and reboot Unraid. I tried to stop tailscale and I couldn't access the Unraid UI immediately ( I use tailscale as plugin). The only thing that makes the issue disappear is when I start the Unraid Server without docker service enabled, in that case I can reach the Unraid server without issues. So it seems to me that some docker container (or my docker configuration) is causing this issue. The only "weird" containers that use VLAN network instead of a bridge type of network are homeAssistant and pihole. I can confirm that if I turn off docker service then the unraid server is reachable locally (through domain, if I try with ip it get automatically redirected to domain) Edited April 10, 20242 yr by firstTimer
April 10, 20242 yr 18 minutes ago, firstTimer said: Unraid UI immediately ( I use tailscale as plugin). I wrongly identify it under docker or VM. 18 minutes ago, firstTimer said: the issue disappear is when I start the Unraid Server without docker Pls post more detail in network and docker setting. 18 minutes ago, firstTimer said: The only "weird" container that use VLAN network instead of a bridge type of network are homeAssistant and pihole. You found I have both too, and it can run under different vlan without any problem. But I don't use bridge mode. But I don't thing bridge mode will cause any problem. Edited April 10, 20242 yr by Vr2Io
April 10, 20242 yr Author 2 minutes ago, Vr2Io said: I wrongly identify it is im docker or VM. Pls post more detail in network and docker setting. You found I have both too, and it can run under different vlan without any problem. But I don't use bridge mode. But I don't thing bridge mode will cause any problem. Image 1: Eth0 is the Unraid VLAN network. Eth1 is InternalService VLAN and eth1.6 is the IoT VLAN Image 2: Config of eth0: so Unraid server is published on Unraid VLAN Image 3: Config of eth1: it is published on InternalServices VLAN but has also an access to IoT VLAN Image4: Are the current listening interfaces:
April 10, 20242 yr Author 3 minutes ago, Vr2Io said: Let me check and reply later, I m at work now. of course thanks ALOT for the help
April 10, 20242 yr 1st suggestion if I use two ethernet port in Unraid. Don't set same untag network to eth0 and eth1. Pls setting untag 6 ( just don't same as eth0 ) and tag 6 to eth1 port. Or simple blank the setting in eth1 setting and only keep lower part vlan6. That means 20.X and 60.X truly seperate from eth0 30.X first. Then check does problem gone. Edited April 10, 20242 yr by Vr2Io
April 10, 20242 yr I found abnormal on docker part, there are no gateway in 30.X and 60.X, pls check why. It should auto copy from network setting. This may be why UI lost when you start docker as gateway gone and you access the UI were route through UDM and Unraid instead locally. Edited April 10, 20242 yr by Vr2Io
April 10, 20242 yr Author 3 hours ago, Vr2Io said: 1st suggestion if I use two ethernet port in Unraid. Don't set same untag network to eth0 and eth1. Pls setting untag 6 ( just don't same as eth0 ) and tag 6 to eth1 port. Or simple blank the setting in eth1 setting and only keep lower part vlan6. That means 20.X and 60.X truly seperate from eth0 30.X first. Then check does problem gone. I tell you my setting on UDM: Port 7 is the cable for eth0 and has Unraid as Untagged VLAN (and block all the other VLAN) Port 8 is the cable for eth1 and has InternalServices as untagged VLAN and IoT (6) as tagged VLAN Changes i've made: eth0 --> as before, so it gets the untagged Unraid VLAN (30.X) eth1 --> It gets automatically an IP from InternalServices (20.X) untagged VLAN and it supports tagged IoT VLAN (60.X) Edited April 10, 20242 yr by firstTimer
April 10, 20242 yr Author 3 hours ago, Vr2Io said: I found abnormal on docker part, there are no gateway in 30.X and 60.X, pls check why. It should auto copy from network setting. This may be why UI lost when you start docker as gateway gone and you access the UI were route through UDM and Unraid instead locally. After the changes I've done in the previous message the gateway section was updated automatically Edited April 10, 20242 yr by firstTimer
April 10, 20242 yr Author @Vr2Io After you suggestions I've managed to have homeAssistant running on IoT VLAN and pihole on InternalServices VLAN. Still, the only problem is that Unraid is unreachable when I turn docker service on
April 10, 20242 yr If a device at same subnet and vlan of eth0 (local), then no much reason will unreachable when docker service start. If still that, pls try unplug eth1 cable before docker start. Not much idea. Pls also try access UI by putting client in eth1 same vlan and 30.X subnet. To eliminate network / switch related, direct connect Unraid and client then stat docker service .... also a step to troubleshooting. ** Pls also confirm Pihole haven't turn on DHCP server function ** Edited April 10, 20242 yr by Vr2Io
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.