October 20, 20241 yr I have a installed a second NIC in my server on a VLAN to segment docker traffic. I have bridging enabled (br2). The issue I'm seeing is that the docker container that gets attached to br2 is not picking up the gateway of the host interface.
October 21, 20241 yr You have a weird and intresting network setup here review all the videos here: you docker network setup is weird and may need other setting and a different addition to your network setup. Post diagnostic so we can see the entire network tree and setting to help correct thus issue, ?vlans?
October 21, 20241 yr Community Expert 1 hour ago, ridewithjoe said: I have a installed a second NIC in my server on a VLAN to segment docker traffic. I have bridging enabled (br2). The issue I'm seeing is that the docker container that gets attached to br2 is not picking up the gateway of the host interface. You need to stop the docker service (or array) and configure network settings for docker under Settings > Docker. This is an additional step for docker networking. Once configured there it will show up in template network type section.
October 21, 20241 yr Author 1 minute ago, tjb_altf4 said: You need to stop the docker service (or array) and configure network settings for docker under Settings > Docker. This is an additional step for docker networking. Once configured there it will show up in template network type section. I have done this.... that is not the issue... the issue i that the container is not using the default gateway that is assigned to br2. The other custom networks are operating properly. I know my setup is a bit different. I am deliberately configuring a trunk interface with VLANs so that I can set certain docker containers to run on specific network subnets. nasvm-diagnostics-20241020-2105.zip
October 21, 20241 yr ok then we will need the docker inspect command. as by default your docker network is set to using br0 and is brdigeing there. docker network inspect #### https://docs.docker.com/reference/cli/docker/network/inspect/ this will tell us what your network assigned is using... again you may need to resetup a docker network to use it properly...
October 21, 20241 yr Community Expert 21 minutes ago, ridewithjoe said: I have done this.... that is not the issue... the issue i that the container is not using the default gateway that is assigned to br2. The other custom networks are operating properly. I know my setup is a bit different. I am deliberately configuring a trunk interface with VLANs so that I can set certain docker containers to run on specific network subnets. nasvm-diagnostics-20241020-2105.zip 325.92 kB · 1 download Docker network config only has references to vlans under br2, and br2 is not configured. DOCKER_CUSTOM_NETWORKS="br2.10 br2.80 br2.90 " Docker networking settings probably needs a refresh.
October 21, 20241 yr Author 19 minutes ago, bmartino1 said: ok then we will need the docker inspect command. as by default your docker network is set to using br0 and is brdigeing there. docker network inspect #### https://docs.docker.com/reference/cli/docker/network/inspect/ this will tell us what your network assigned is using... again you may need to resetup a docker network to use it properly... I know by default that br0 is where docker is bridging... I'm using a custom config. I have 4 network interfaces.... configured into two 802.11ad bonds. bond0 and bond2. bond0 is the admin interface for unraid on a management vlan. bond2 is the interface that is a trunk interface for multiple vlans. Some dockers are on br2.80 br2 - is on vlan 60 the native vlan for the trunk. Additional vlans are: br2.10 br2.80 The bond2 interface is assigned an ip of 10.168.60.245/24 with a gateway of 10.168.60.254 I have several docker containers running on br2.80 and they are running fine. They show the proper gateway however the containers on vlan 60 should be showing the same host interface default gateway of 10.168.60.254 however they are getting a gateway of 10.168.60.1. The docker network doesn't seem to pickup the default gateway of that host interface but the sub interface is getting the gateway I have assigned. in the custom network just fine. There should be a simple way to assign a custom default gateway for a container. The output of 'docker network inspect br2': [ { "Name": "br2", "Id": "17ca4604ab87ae68e47df153062a8bbdb7e45466e5f95e1099a8d4efffb4714c", "Created": "2024-10-20T18:18:34.938423495-04:00", "Scope": "local", "Driver": "ipvlan", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": {}, "Config": [ { "Subnet": "10.168.60.0/24", "AuxiliaryAddresses": { "server": "10.168.60.245" } } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": {}, "Options": { "parent": "br2" }, "Labels": {} } ] The output of 'docker network inspect br2.80': [ { "Name": "br2.80", "Id": "f22dcc51a4a813565fcc3385354c2c34e28a73f836151fe6ba25c62cc6ddb91a", "Created": "2024-10-20T18:18:35.256187663-04:00", "Scope": "local", "Driver": "ipvlan", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": {}, "Config": [ { "Subnet": "10.168.80.0/24", "Gateway": "10.168.80.254" } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": { "7a7642e1c24a2409ef5aa31c8293c9c2b14c66bfae19c6247de32d1b3632bfdb": { "Name": "bhdelugevpn", "EndpointID": "a7db7f8ae3ae19cc49566e306ab334a400a4f5f15ea5fc2ef434b76a8ac4f417", "MacAddress": "", "IPv4Address": "10.168.80.1/24", "IPv6Address": "" }, "f51bea5753b086b0af16d303a6c1773715b1b8b0ef91a599749b1a510b88eb8c": { "Name": "plex", "EndpointID": "ebc4596d489b6242b007adb4f92ca75526046750300dfc26dc367b254269703f", "MacAddress": "", "IPv4Address": "10.168.80.10/24", "IPv6Address": "" } }, "Options": { "parent": "br2.80" }, "Labels": {} } ]
October 21, 20241 yr i saw the 4 nic per digan thanks for posting, i need to digest this to further assist. You may need to add a custom ip rout to unraid. to fix this. Your fighitng vlan traffic briding on unraid. I don't remober the comands nor route info to assit and will take a deeper look to assist. You will need to setup vlan trunking for unraid to get docker gateway access.
October 21, 20241 yr Solution Please correct me If I'm misunderstanding you correctly... Your Netowrk Problem Analysis: Your br2 is associated with VLAN 60, which has a subnet 10.168.60.0/24 with a gateway set at 10.168.60.254. You also have a network br2.80 associated with VLAN 80, with a subnet 10.168.80.0/24 and gateway 10.168.80.254. Containers on br2.80 seem to work correctly, but containers on br2 (VLAN 60) are getting the wrong gateway (10.168.60.1), while you intend them to use 10.168.60.254. Summary of Key Actions to follow and check: 1 Explicitly Define Gateway in Docker Network. 2 Restart or Recreate Containers to Update Network Settings. 3 Verify Routing Tables on Unraid. 4 Use Docker Options to Set Specific Gateways. Since your br2 is associated with VLAN 60, which has a subnet 10.168.60.0/24 with a gateway set at 10.168.60.254. You also have a network br2.80 associated with VLAN 80, with a subnet 10.168.80.0/24 and gateway 10.168.80.254. Containers on br2.80 seem to work correctly, but containers on br2 (VLAN 60) are getting the wrong gateway (10.168.60.1), while you intend them to use 10.168.60.254. 1. Check Docker Network Configuration: The Docker network inspect br2 output doesn't show a defined gateway, which might lead Docker to auto-assign one. This auto-assigned gateway could be 10.168.60.1, which is incorrect. Action: We Explicitly specify the gateway for the br2 network in Docker.... we will need to recreate br2 and the docker network... docker network rm br2 docker network create \ -d ipvlan \ --subnet=10.168.60.0/24 \ --gateway=10.168.60.254 \ -o parent=br2 \ br2 2. Check Docker Container Configurations: Verify that containers using br2 are configured correctly to use the br2 network. Sometimes, containers may retain old configurations, or they might not automatically update when the network configuration changes. Action: Restart or recreate affected containers using the updated br2 network to apply the changes: docker restart <container_id> # or recreate the container if needed docker rm -f <container_id> docker run --network=br2 <your_container_image> To confirm doecker is using the br2 created above. tempale eidt should see this and be fine... 3. check ip route Confirm that the gateway for 10.168.60.0/24 points to 10.168.60.254 and not some other IP. If there’s a misconfigured route, you can add a default gateway for the VLAN 60 subnet: add additional iprout: ip route add default via 10.168.60.254 dev br2 Additionally, check if there are any conflicts between VLAN interfaces or IP tables that might be overriding the intended gateway. at router level. trunking needs to be enabled there... 4. Docker Default Gateway Setting: If you want containers on br2 to use a specific gateway, you may explicitly set a default route for each container using Docker’s --default-gateway option https://forums.docker.com/t/setting-default-gateway-to-a-container/17420 example docker run command: docker run --network=br2 --default-gateway=10.168.60.254 <your_container_image> seen in docs: https://docs.docker.com/engine/network/tutorials/standalone/ https://docs.docker.com/engine/network/ https://stackoverflow.com/questions/45613476/docker-how-to-control-define-default-gateway-settings
October 21, 20241 yr Author 1 hour ago, bmartino1 said: 1. Check Docker Network Configuration: The Docker network inspect br2 output doesn't show a defined gateway, which might lead Docker to auto-assign one. This auto-assigned gateway could be 10.168.60.1, which is incorrect. Action: We Explicitly specify the gateway for the br2 network in Docker.... we will need to recreate br2 and the docker network... docker network rm br2 docker network create \ -d ipvlan \ --subnet=10.168.60.0/24 \ --gateway=10.168.60.254 \ -o parent=br2 \ br2 This resolved the issue…. I find it odd that you cannot define the getaway in the UNRAID GUI. You can see that it is not defined but there is no capability to edit it.
October 21, 20241 yr Community Expert 52 minutes ago, ridewithjoe said: This resolved the issue…. I find it odd that you cannot define the getaway in the UNRAID GUI. You can see that it is not defined but there is no capability to edit it. you mean like this?
October 21, 20241 yr Author 9 minutes ago, tjb_altf4 said: you mean like this? Yes exactly except in my case br2 is not editable
October 21, 20241 yr Community Expert 14 minutes ago, ridewithjoe said: Yes exactly except in my case br2 is not editable It would be due to having an IP on the interface, although its curious that it was picking up the wrong gateway. No IP on interface. and it becomes editable.
October 21, 20241 yr Author Just now, tjb_altf4 said: It would be due to having an IP on the interface, although its curious that it was picking up the wrong gateway. No IP on interface. and it becomes editable. My expectation was that it would pick it up as well but it doesn’t… let me try removing the IP on the interface…. I don’t need an IP on it specifically. That would be a better fix.
October 21, 20241 yr Author That was the better solution….while both solutions work, simply removing the IP on the interface and defining the network and gateway in the docker settings.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.