Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

OS 7.0 Docker VLAN Bug?

Featured Replies

Since upgrading to 7.0 I am no longer able to have a docker vlan interface with the IP address set to none and be able to use that network interface in containers. In previous versions, the Unraid host did not need an IP for Docker to allow me to use the interface on containers. Instead now I must set an IP on the host or use DHCP before Docker will allow me to use the vlan'd interface on containers. 

 

Was this an intentional change and if so, why? I only want my Unraid host to be addressable/accessible via it's IP, not over my container or virtual machine vlans. Attached two screenshots for reference of desired configuration and how the interface does not show up on the container for use (it previously did and worked on 6.12)

Screenshot 2025-01-11 162757.png

Screenshot 2025-01-11 162837.png

  • Community Expert

 

 

your docker connection based on your post is fundamentally wrong.

Network type would need to be host not none...

 

  • Author
4 minutes ago, bmartino1 said:

 

 

your docker connection based on your post is fundamentally wrong.

Network type would need to be host not none...

 

You misunderstand the post. None is not what I selected, none is what it forced to because my desired bridge is not displayed as a choice. The desired bridge interface should be br0.4 (which corresponds to vlan 4 pictured in the above screenshot). Unraid / Docker will not display this as an option unless I put an IP on the interface on the Unraid host configuration, which I absolutely do not want, and have never had to have before 7.0. 

 

Adding screenshots of how it is forced to work in 7.0 for you. 

Screenshot 2025-01-11 163539.png

Screenshot 2025-01-11 163548.png

Edited by cpsmith516

  • Community Expert

You may need to remake the docker network then...

 

is docker setting preserver user defined networks enabled?

*with out that setting any docker related networks would restore to unraid defaults...

 

image.png.55ee5248436ef5e55bdaa754f829000d.png

 

I need a output of

docker ls network

and

ip a
ip link show

 

 

as I don't think your docker network exist... even then in network settings to not specify a IP that interface would need a IP or pre knowldged on a ip for the subnet...

 

so make docker network macvlan:

docker network create \
  --driver=macvlan \
  --subnet=192.168.4.0/24 \
  --gateway=192.168.4.1 \
  -o parent=br0.4 \
  br0.4_network

and set network to br0.4_network
 

Edited by bmartino1
data - typo

  • Author
5 minutes ago, bmartino1 said:

You may need to remake the docker network then...

 

is docker setting preserver host networking enabled?

*with out that setting any docker realted networks would restore to unraid defualts...

 

I need a output of
docker ls netwrork

 

and

ip a

docker ls netwrork (assuming typo should be network and a missing dash before ls) is not working. "Unable to parse logging level "s" 

ip a is attached

 

recreated interface, with IP set to none on the host, still unable to use on any containers just as before. 

 

 

Screenshot 2025-01-11 164311.png

  • Community Expert

thx was trying to grab info unraids forum glitch on me sometimes when trying to paste pictures. and I often have to go back and reedit.

 

thank you for posting the IP a this confirms your vlan network is none which is what i'm looking for.
as this may be a unraid ip route issue as well.

Same issue here.  I just upgraded and my docker containers that were connected to a specific VLAN are no longer are able to run.  The VLAN network is no longer available as a selection in the container configuration.

I re-created the VLAN in unraid and I noticed network route was not created when the VLAN was created.  I think it automatically was created when I set this up ages ago.  I manually created the route and it still does not work.  I do not see the option to select the VLAN under the container config.  I'm not really sure, but it seems something is broken here.

Edited by brian.cline2
comment clarity

  • Community Expert
2 hours ago, brian.cline2 said:

Same issue here.  I just upgraded and my docker containers that were connected to a specific VLAN are no longer are able to run.  The VLAN network is no longer available as a selection in the container configuration.

I re-created the VLAN in unraid and I noticed network route was not created when the VLAN was created.  I think it automatically was created when I set this up ages ago.  I manually created the route and it still does not work.  I do not see the option to select the VLAN under the container config.  I'm not really sure, but it seems something is broken here.

need info. as this has not been my case in testing beta and moving to full release...

are you using ipv6?
waht is your network settings?

what is your docker settings

 

which VPN! ... 

 

what docker network did you use...

 

side comands that a diag wont capture

 

current docker networks

docker network ls

 

current listed interfaces

ip a
ip link show

 

Potent picture of your current network routes per unraid web ui...


alot can be misconfigured here and at multiple layers... Need more info

 

Same issue, only using ipv4. No changes made other than the version 7.0 upgrade.

 

 

Screenshot2025-01-13160815.thumb.png.ca3265ec3713f52a7a74a83eb051c7ce.png

 

Screenshot2025-01-13154539.thumb.png.f2f9864b7e52aa3577cacbc5eca9b97b.png

 

Screenshot2025-01-13155659.png.079476296f2204347dfd8cf356076258.png

 

Screenshot2025-01-13155823.png.fcc1c0c13e3a28053ec5612d5b4c4d2f.png

 

Screenshot2025-01-13160013.thumb.png.cdbc464821e5ad661c8b383056ca49b8.png

 

Screenshot2025-01-13160039.thumb.png.40b952bd9ca170ad7a9e71e126a5605b.png

 

 

Edited by dchadd
added screenshot

  • Community Expert

Thank you for the additional data...

 

Would still need to know other docker settings. as it appear you need to make the docker networks again...
you really need to have the presve user defined networks enabled! ... 

 

image.thumb.png.c179ab29bd6b1e8047296570bd6dded9.png

 

As again I don't think you had that setting enabled before the upgrade thus the docker db and network data was wiped...

to fix this, enable that setting for future updates to not break again. and remake your docker networks.


Per your picture that setting seems to be enabled. per other data, you have interface with vlans corectly.

 

the defualt custom eth in the picture is vlan1

image.png.03f3ed20c012b204597cd4e2a304556d.png

 

to make a docker network and use the subnet on a vlan you need to make a docker network.

 

since your network settings are bridging off and bonding off (same as me). you need to make a docker interface with the parent and tell dockers to use that network.

 

as per picture:
image.png.0f79e9f8cdb691fb5ebddc7381ab8315.png

 

don't have a docker netwokr only eth0 gets a defuaut docker network...

to fix this make docker network:
 

# VLAN 10: Subnet 172.16.10.0/24, Gateway 172.16.10.1
docker network create \
  --driver macvlan \
  --subnet=172.16.10.0/24 \
  --gateway=172.16.10.1 \
  -o parent=eth0.10 \
  macvlan_vlan10

# VLAN 20: Subnet 172.16.20.0/24, Gateway 172.16.20.1
docker network create \
  --driver macvlan \
  --subnet=172.16.20.0/24 \
  --gateway=172.16.20.1 \
  -o parent=eth0.20 \
  macvlan_vlan20

# VLAN 25: Subnet 172.16.25.0/24, Gateway 172.16.25.1
docker network create \
  --driver macvlan \
  --subnet=172.16.25.0/24 \
  --gateway=172.16.25.1 \
  -o parent=eth0.25 \
  macvlan_vlan25

 

run the above command then edit the docker and you will see macvlan_vlan## and select that if you want that docker on that vlan.

 

thats it.

I don't know what failed, what setting, or if you had previous docker corruption that is fixed or reset with the upgrade. but in my testing it involved around the docker setting preserver user defined... which is why I recommend upgrading to 6 stable then 7... as some setting were not introduced from 6.9 due to the macvlan bug...

2 hours ago, bmartino1 said:

Thank you for the additional data...

 

Would still need to know other docker settings. as it appear you need to make the docker networks again...
you really need to have the presve user defined networks enabled! ... 

 

image.thumb.png.c179ab29bd6b1e8047296570bd6dded9.png

 

As again I don't think you had that setting enabled before the upgrade thus the docker db and network data was wiped...

to fix this, enable that setting for future updates to not break again. and remake your docker networks.


Per your picture that setting seems to be enabled. per other data, you have interface with vlans corectly.

 

the defualt custom eth in the picture is vlan1

image.png.03f3ed20c012b204597cd4e2a304556d.png

 

to make a docker network and use the subnet on a vlan you need to make a docker network.

 

since your network settings are bridging off and bonding off (same as me). you need to make a docker interface with the parent and tell dockers to use that network.

 

as per picture:
image.png.0f79e9f8cdb691fb5ebddc7381ab8315.png

 

don't have a docker netwokr only eth0 gets a defuaut docker network...

to fix this make docker network:
 

# VLAN 10: Subnet 172.16.10.0/24, Gateway 172.16.10.1
docker network create \
  --driver macvlan \
  --subnet=172.16.10.0/24 \
  --gateway=172.16.10.1 \
  -o parent=eth0.10 \
  macvlan_vlan10

# VLAN 20: Subnet 172.16.20.0/24, Gateway 172.16.20.1
docker network create \
  --driver macvlan \
  --subnet=172.16.20.0/24 \
  --gateway=172.16.20.1 \
  -o parent=eth0.20 \
  macvlan_vlan20

# VLAN 25: Subnet 172.16.25.0/24, Gateway 172.16.25.1
docker network create \
  --driver macvlan \
  --subnet=172.16.25.0/24 \
  --gateway=172.16.25.1 \
  -o parent=eth0.25 \
  macvlan_vlan25

 

run the above command then edit the docker and you will see macvlan_vlan## and select that if you want that docker on that vlan.

 

thats it.

I don't know what failed, what setting, or if you had previous docker corruption that is fixed or reset with the upgrade. but in my testing it involved around the docker setting preserver user defined... which is why I recommend upgrading to 6 stable then 7... as some setting were not introduced from 6.9 due to the macvlan bug...

This worked, thank you so much! Not sure about the setting you mentioned, whether or not it was enabled but it is after the update because i didn't turn it on after the update. Either way this seems to be the fix.  

 

David

13 hours ago, bmartino1 said:

T
to fix this make docker network:
 

# VLAN 10: Subnet 172.16.10.0/24, Gateway 172.16.10.1
docker network create \
  --driver macvlan \
  --subnet=172.16.10.0/24 \
  --gateway=172.16.10.1 \
  -o parent=eth0.10 \
  macvlan_vlan10

# VLAN 20: Subnet 172.16.20.0/24, Gateway 172.16.20.1
docker network create \
  --driver macvlan \
  --subnet=172.16.20.0/24 \
  --gateway=172.16.20.1 \
  -o parent=eth0.20 \
  macvlan_vlan20

# VLAN 25: Subnet 172.16.25.0/24, Gateway 172.16.25.1
docker network create \
  --driver macvlan \
  --subnet=172.16.25.0/24 \
  --gateway=172.16.25.1 \
  -o parent=eth0.25 \
  macvlan_vlan25

 

run the above command then edit the docker and you will see macvlan_vlan## and select that if you want that docker on that vlan.

 

thats it.

I don't know what failed, what setting, or if you had previous docker corruption that is fixed or reset with the upgrade. but in my testing it involved around the docker setting preserver user defined... which is why I recommend upgrading to 6 stable then 7... as some setting were not introduced from 6.9 due to the macvlan bug...

I noticed you have a macvlan.  Mine has been and is still IPVLAN.  I wonder if that's the issue.  For the others that have issues, what's your VLAN driver?

  • Community Expert

I think the issue is that v7 is not accepting non stander CIDR subnets for VLANs:

 

image.png

 

Please retest with 0 as the last digit.

  • Community Expert
5 hours ago, brian.cline2 said:

I noticed you have a macvlan.  Mine has been and is still IPVLAN.  I wonder if that's the issue.  For the others that have issues, what's your VLAN driver?

ipvlan being the setting is not the issue here...

 

in my testing, i've used both. you can have ipvlan be the default and make macvlan Docker networks for your vlans and/or ipvlan for your vlans...

the unraid Docker settings default affects the main interface and its baseline default configuration, meaning that if the webUI is set to ipvlan it will make a ipvlan docker of the main/original interface default being br0 so docker networks would use br0

 

Thanks JorgeB.

From my understanding here, user dchadd has it fixed. I'm still waiting on data form OP user cpsmith516...

 

As It doesn't matter if you use ipvlan / macvlan ... that a interaction issue it does matter what your vlan network interfaces are, your ip routes, and how you make a docker network to use that in the docker interface...

 

The point is that the setting user defined was either ignored as I don't have a clear answer if that option was set before they upgraded... If it was not set this is the correct and default behavior...

When testing the beta and having that option set my vlan and other router and other docker networks were saved. some with beta to full release and stable to full release. Its clear they had a misconfiguration and told it to do something or not know about that option before a update and as that option was not set there networks were cleared...

 

if you wanted ipvlan then do this:

# VLAN 10: Subnet 172.16.10.0/24, Gateway 172.16.10.1
docker network create \
  --driver ipvlan \
  --subnet=172.16.10.0/24 \
  --gateway=172.16.10.1 \
  -o parent=eth0.10 \
  ipvlan_vlan10

# VLAN 20: Subnet 172.16.20.0/24, Gateway 172.16.20.1
docker network create \
  --driver ipvlan \
  --subnet=172.16.20.0/24 \
  --gateway=172.16.20.1 \
  -o parent=eth0.20 \
  ipvlan_vlan20

# VLAN 25: Subnet 172.16.25.0/24, Gateway 172.16.25.1
docker network create \
  --driver ipvlan \
  --subnet=172.16.25.0/24 \
  --gateway=172.16.25.1 \
  -o parent=eth0.25 \
  ipvlan_vlan25

 

as it clear to me that this was a misconfiguration...

  • Community Expert

you can run both ipvlan and macvlan... you can make a macvlan docker network with the same parent interface... 

I just want to point out that I've gone through multiple updates with no issues. I was updating from the latest stable prior to 7.0 to 7.0. I may have some backup files that I can look at the configuration and see if that setting was turned on. I'll take a look and see if I can find anything. 

DOCKER_ENABLED="yes"
DOCKER_IMAGE_FILE="/mnt/zfs-pool/system/docker/docker.img"
DOCKER_IMAGE_SIZE="40"
DOCKER_APP_CONFIG_PATH="/mnt/user/appdata/"
DOCKER_APP_UNRAID_PATH=""
DOCKER_READMORE="yes"
DOCKER_PID_LIMIT=""
DOCKER_CUSTOM_NETWORKS="eth0.10 eth0.20 eth0.25 eth1 "
DOCKER_TIMEOUT="10"
DOCKER_LOG_ROTATION="yes"
DOCKER_LOG_SIZE="50m"
DOCKER_LOG_FILES="1"
DOCKER_AUTHORING_MODE="yes"
DOCKER_ALLOW_ACCESS="yes"
DOCKER_USER_NETWORKS="preserve"
DOCKER_DHCP_ETH0="172.16.1.224/27"
DOCKER_DHCP_ETH0_10="172.16.10.224/27"
DOCKER_DHCP_ETH0_20="172.16.20.224/27"
DOCKER_DHCP_ETH0_25="172.16.25.64/26"
DOCKER_SUBNET_ETH0_10="172.16.10.0/24"
DOCKER_GATEWAY_ETH0_10="172.16.10.1"
DOCKER_RANGE_ETH0_10="172.16.10.200/27"
DOCKER_SUBNET_ETH0_20="172.16.20.0/24"
DOCKER_GATEWAY_ETH0_20="172.16.20.1"
DOCKER_RANGE_ETH0_20="172.16.20.200/27"
DOCKER_SUBNET_ETH0_25="172.16.25.0/24"
DOCKER_GATEWAY_ETH0_25="172.16.25.1"
DOCKER_RANGE_ETH0_25="172.16.25.200/27"

Here is the docker.cfg from the backup that ran the night before I updated to 7.0. Last modified 9/29/2024. I recall only using the GUI to configure the custom networks. I don't recall doing any commands to get this working originally. But again this is fixed and working as expected now. I have full backups of docker containers and my flash configuration so let me know if there's anything else that will be helpful. 

 

Hope this helps.

Edited by dchadd
Adding more info

  • Community Expert

Having older flash backs as this is the docker config file located under teh config folcer on the flash drive

 

My current config

root@BMM-Unraid:/boot/config# cat docker.cfg 
DOCKER_ENABLED="yes"
DOCKER_IMAGE_FILE="/mnt/user/system/docker/docker-xfs.img"
DOCKER_IMAGE_SIZE="500"
DOCKER_APP_CONFIG_PATH="/mnt/user/Dockers/"
DOCKER_APP_UNRAID_PATH=""
DOCKER_READMORE="yes"
DOCKER_PID_LIMIT=""
DOCKER_CUSTOM_NETWORKS=" "
DOCKER_TIMEOUT="10"
DOCKER_LOG_ROTATION="yes"
DOCKER_LOG_SIZE="1g"
DOCKER_LOG_FILES="1"
DOCKER_AUTHORING_MODE="yes"
DOCKER_ALLOW_ACCESS="yes"
DOCKER_USER_NETWORKS="preserve"
DOCKER_IMAGE_TYPE="xfs"
DOCKER_BACKINGFS="native"
root@BMM-Unraid:/boot/config#

 

as my oldest rc 7 beta 1

 

root@BMM-Unraid:/mnt/user/Users/Elliott# cat docker.cfg 
DOCKER_ENABLED="yes"
DOCKER_IMAGE_FILE="/mnt/user/system/docker/docker-xfs.img"
DOCKER_IMAGE_SIZE="100"
DOCKER_APP_CONFIG_PATH="/mnt/user/appdata/"
DOCKER_APP_UNRAID_PATH=""
DOCKER_READMORE="yes"
DOCKER_CUSTOM_NETWORKS=" "
DOCKER_TIMEOUT="10"
DOCKER_LOG_ROTATION="yes"
DOCKER_LOG_SIZE="1g"
DOCKER_LOG_FILES="1"
DOCKER_AUTHORING_MODE="yes"
DOCKER_ALLOW_ACCESS="yes"
DOCKER_USER_NETWORKS="preserve"
DOCKER_IMAGE_TYPE="xfs"

 

*No vlans as this is the one i have access too to show the preserve option is set.

 

I can confirm that yes you had teh option preserver and that the upgrade ignroed that option. the question is why. was there a docker config conflict or check that your current configuration failed

8 minutes ago, bmartino1 said:

Having older flash backs as this is the docker config file located under teh config folcer on the flash drive

 

My current config

root@BMM-Unraid:/boot/config# cat docker.cfg 
DOCKER_ENABLED="yes"
DOCKER_IMAGE_FILE="/mnt/user/system/docker/docker-xfs.img"
DOCKER_IMAGE_SIZE="500"
DOCKER_APP_CONFIG_PATH="/mnt/user/Dockers/"
DOCKER_APP_UNRAID_PATH=""
DOCKER_READMORE="yes"
DOCKER_PID_LIMIT=""
DOCKER_CUSTOM_NETWORKS=" "
DOCKER_TIMEOUT="10"
DOCKER_LOG_ROTATION="yes"
DOCKER_LOG_SIZE="1g"
DOCKER_LOG_FILES="1"
DOCKER_AUTHORING_MODE="yes"
DOCKER_ALLOW_ACCESS="yes"
DOCKER_USER_NETWORKS="preserve"
DOCKER_IMAGE_TYPE="xfs"
DOCKER_BACKINGFS="native"
root@BMM-Unraid:/boot/config#

 

as my oldest rc 7 beta 1

 

root@BMM-Unraid:/mnt/user/Users/Elliott# cat docker.cfg 
DOCKER_ENABLED="yes"
DOCKER_IMAGE_FILE="/mnt/user/system/docker/docker-xfs.img"
DOCKER_IMAGE_SIZE="100"
DOCKER_APP_CONFIG_PATH="/mnt/user/appdata/"
DOCKER_APP_UNRAID_PATH=""
DOCKER_READMORE="yes"
DOCKER_CUSTOM_NETWORKS=" "
DOCKER_TIMEOUT="10"
DOCKER_LOG_ROTATION="yes"
DOCKER_LOG_SIZE="1g"
DOCKER_LOG_FILES="1"
DOCKER_AUTHORING_MODE="yes"
DOCKER_ALLOW_ACCESS="yes"
DOCKER_USER_NETWORKS="preserve"
DOCKER_IMAGE_TYPE="xfs"

 

*No vlans as this is the one i have access too to show the preserve option is set.

 

I can confirm that yes you had teh option preserver and that the upgrade ignroed that option. the question is why. was there a docker config conflict or check that your current configuration failed

I only have a month of daily backups so the docker.cfg files are identical to the one I posted since it was modified in September of 2024. Also, I was updating from 6.12.14 if that's helpful.

  • Community Expert
12 hours ago, dchadd said:
DOCKER_RANGE_ETH0_25="172.16.25.200/27"

This is the problem, see the recent note added to the release notes:

 

image.png

On 1/15/2025 at 3:51 AM, JorgeB said:

This is the problem, see the recent note added to the release notes:

 

image.png

Sorry for being dumb here, but "fix the CIDR" how?

image.thumb.png.c7274ac69b8fa0624b5d705b928f431c.png

29 minutes ago, brian.cline2 said:

Sorry for being dumb here, but "fix the CIDR" how?

image.thumb.png.c7274ac69b8fa0624b5d705b928f431c.png

I believe he is saying since we were using a non-standard CIDR you need to switch the last digit of the DHCP range to a 0. For instance for 192.168.20.50 would switch to 192.168.20.0. 

Edited by dchadd

26 minutes ago, dchadd said:

I believe he is saying since we were using a non-standard CIDR you need to switch the last digit of the DHCP range to a 0. For instance for 192.168.20.50 would switch to 192.168.20.0. 

I'll give it a shot and see what happens.  Thanks for the suggestion 👍

@dchadd, that did it.  My VLANs are back and selectable now.  Thanks for the suggestion!!

  • Community Expert
2 hours ago, dchadd said:

I believe he is saying since we were using a non-standard CIDR you need to switch the last digit of the DHCP range to a 0. For instance for 192.168.20.50 would switch to 192.168.20.0.

Yes, thanks, you can only use standard subnets, ending in 0, for both the subnets and the DHCP pools.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.