March 2, 20251 yr I've seen variants of this question get asked a lot, but I haven't found a solution that works for me. Maybe that means it's not possible, but I want to confirm before I give up on it. I don't have much networking knowledge, so I'm sure that's limiting me in my search. I have a docker container running on unraid v7.0.1 (network br0), and I want to be able to talk to a docker container (network host). I don't want every container on br0 to be able to talk to the host, just a specific one. "Docker custom network type" is ipvlan, and "Host access to custom networks" is Disabled. I know that that second option would allow me to talk to the host, but that would also let all my other containers do it as well, right? I've seen some problems with macvlan in the past, so I'm not sure that is the right direction to go (but I've also seen mentions that those have been resolved). Any help or pointing me to better documentation would be appreciated! I would not only like to understand how to do it but also why it works that way, if that's possible. Thank you!
March 2, 20251 yr Community Expert 6 hours ago, fleshy1424 said: I have a docker container running on unraid v7.0.1 (network br0), and I want to be able to talk to a docker container (network host). I don't want every container on br0 to be able to talk to the host, just a specific one. "Docker custom network type" is ipvlan, and "Host access to custom networks" is Disabled. I know that that second option would allow me to talk to the host, but that would also let all my other containers do it as well, right? Yes, that is correct. You either have no br0 container allowed talk to the host or all of them. If you really set on that route, you could technically have that container speak to the host over a vpn for example. But i would just advise you to use the lxc plugin. The lxc container can communicate with the host and vice versa without issue over the veth interface. Edited March 2, 20251 yr by Mainfrezzer
March 18, 20251 yr This can be achieved by using iptablets to work with specific containers. For that, you have to find the container's Ip using Docker. After that, you can add the required firewall rules. I hope it helps.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.