June 22, 20251 yr I have some confusion about now unRAID is handling network adapters. I have two, physical adapters configured as follows:eth0 - plugged into port 15 on my switch, configured with 172.16.17.252eth1 - plugged into port 16 on my switch, configured with 172.16.17.251Now, when I disable either of those ports on the switch, BOTH addresses will still answer. It's confusing to me, as I would expect one link to be down (unRAID says it is) but yet both IPs answer to pings. Why I'm confused is that I want to setup a VLAN for my Dockers and also segregate network traffic coming in on either interface from media servers (eg, some map NFS via .252 and some via .251 for primitive "load balancing").I have the Dockers VLAN (666) setup as br.1 on eth1 and it's working... but I just don't know if it's sending over BOTH interfaces somehow as all traffic seems to traverse even if the port that .251 is plugged into it disabled. If I disable BOTH ports then all traffic stops, as expected.Here's the hardware output and unRAID screens... I will attached logs / diags as well in case those help. I am just confused, and it's HIGHLY likely I'm just dumb :)There is something interesting, the switch shows a third MAC address attached to port 15 ... not sure what this is or how it's being used.... image attached.*** I think this is solved, I enabled bridging on eth0 and that mac went away, it was being added as vhost0, after enabling bridging on eth0 this went away *** angband-diagnostics-20250622-0420.zip Edited June 22, 20251 yr by Kristopher
June 22, 20251 yr Community Expert eth0 toook primary as in linux you can't have 2 nics on teh same subnet.eth0 - plugged into port 15 on my switch, configured with 172.16.17.252eth1 - plugged into port 16 on my switch, configured with 172.16.17.251run iproute. You will see that the subnet for 172.16.17.252 is set for routing the 172.16.17.0/24 thus any ting on unraid trying to reach the 172.16.17.x lan will use eth0 per the data of the iproute*This is where you would setup bonding...UNRIAD is not networking equipment! ...further, you have Linux networking in unraid issues with tagged vs untaged..."I have the Dockers VLAN (666) setup as br.1 on eth1 and it's working"for the unriad interface to correctly use vlan 666 the interface needs to be setup and made as br0.666 and or eth0.666In network setting in the web ui make sure you enable vlans and add valn 666. Unless your using a layer 3 switch and doing weird vlan cross talk br.1 is a network misconfiguration...so whats your end goal here???
June 22, 20251 yr Community Expert reveiw:https://forums.unraid.net/topic/147455-support-unifi-controller-unifi-unraid-reborn/page/11/#findComment-1384213https://forums.unraid.net/topic/147455-support-unifi-controller-unifi-unraid-reborn/page/11/#findComment-1385625https://forums.unraid.net/topic/188695-docker-network-issue/#findComment-1541042https://forums.unraid.net/topic/191099-networking-for-a-container/#comment-1560951https://forums.unraid.net/topic/190501-unraid-in-unifi/page/2/#comment-1558327
June 22, 20251 yr Author 1 hour ago, bmartino1 said:eth0 toook primary as in linux you can't have 2 nics on teh same subnet.eth0 - plugged into port 15 on my switch, configured with 172.16.17.252eth1 - plugged into port 16 on my switch, configured with 172.16.17.251run iproute. You will see that the subnet for 172.16.17.252 is set for routing the 172.16.17.0/24 thus any ting on unraid trying to reach the 172.16.17.x lan will use eth0 per the data of the iproute*This is where you would setup bonding...UNRIAD is not networking equipment! ...further, you have Linux networking in unraid issues with tagged vs untaged..."I have the Dockers VLAN (666) setup as br.1 on eth1 and it's working"for the unriad interface to correctly use vlan 666 the interface needs to be setup and made as br0.666 and or eth0.666In network setting in the web ui make sure you enable vlans and add valn 666. Unless your using a layer 3 switch and doing weird vlan cross talk br.1 is a network misconfiguration...so whats your end goal here???Thank you for your thoughtful and quick reply, remember when I said "there's a huge chance I'm just dumb" ?It, of course, makes sense about the two NICs on the same subnet, I can see that now, thank you. I wasn't trying to imply anywhere that unraid was networking equipment My end goal was to see if I could segregate traffic between media servers - one going to NIC 1 and the other to NIC 2. I had tried LACP and RR bonding (yes, my switch supports LACP) but I didn't really see much of a difference. I also wanted to visualize how much traffic was flowing over either interface. So, in the interim now, I set my eth1 to be 10.67.2.30 (the outside of my /27 range for the Dockers network on my router).ETH0 - 172.16.17.252, VLANS (1021 for media servers) ETH1 - 10.67.2.30, VLANS (666 for Dockers)When I tested by downloading something, I can now see traffic flowing on the eth1 interface. I'm aiming to isolate the heavy traffic of downloading away from the media serving, hence the two physical adapters on two separate switch ports.
June 22, 20251 yr Community Expert ok this seems feasible.Your correct. Apologies if that came off cross. Its something I have to keep reminding myself and inform other. Not mush changes with LACP and I have found that even with bonding it will defer to etho0 until eth0 is not available.more info on unriad setup with LACP:https://forums.unraid.net/topic/124311-counfiguring-8023ad-lacp/most use unifi: https://gist.github.com/sems/f3b2f10ea0fb30d6f6fade841a12dfaeyour experience with LACP is common. On Unraid, the benefits are often minimal unless you’re aggregating traffic across multiple clients or running iSCSI/NFS at scale. Also, Docker and LACP often conflict, with Docker preferring a single NIC (usually eth0), making bonding a bit moot in this context.Since we are now separating 2 eth interfaces with Vlans. We will need to make sure the output on unraid interfaces show eth0.1021 and eth1.666with the array off under settings > Network settings. There is a add vlan option.Since both are mainly dockers based. You would need to make 2 docker networks to the tagged vlan interfaces to cross talk.Unraid docker run doen't allow for more then 1 docker connected at a time. so full separation and isolation may not be 100% fesible.Networking on Unraid can be confusing.once you get unraid to see the 2 interfaces "eth0.1021 and eth1.666"and have the docker setting to preserve user defined networks, you can create 2 docker networks. and inform the dockers on unraid to be on this net or that net, but not both at the same time.(atleast not easily... there a side unraid command to attach networks to running dockers..)* docker network connect media_net my_containerYou're absolutely right to separate traffic this way: using eth0 for media (on VLAN 1021) and eth1 for Docker downloads (on VLAN 666) makes a lot of sense and gives you clear monitoring and path separation.Once you’ve configured Unraid to show:eth0.1021 → for media-serving containerseth1.666 → for download-heavy containers# For media servers on eth0.1021docker network create -d macvlan \ --subnet=172.16.17.0/24 \ --gateway=172.16.17.1 \ -o parent=eth0.1021 \ media_net# For downloaders on eth1.666docker network create -d macvlan \ --subnet=10.67.2.0/27 \ --gateway=10.67.2.1 \ -o parent=eth1.666 \ download_net-Adjust the subnet/gateway to match your real network layout, of course.Make sure Settings > Docker has “Preserve user-defined networks” set to Yes before starting the Docker service.Each container can only be on one custom network at creation in the Unraid UI. If you need multiple networks, you can:Or use docker-compose via compose.manager plugin...
June 22, 20251 yr Author 15 minutes ago, bmartino1 said:ok this seems feasible.Your correct. Apologies if that came off cross. Its something I have to keep reminding myself and inform other. Not mush changes with LACP and I have found that even with bonding it will defer to etho0 until eth0 is not available.more info on unriad setup with LACP:https://forums.unraid.net/topic/124311-counfiguring-8023ad-lacp/most use unifi: https://gist.github.com/sems/f3b2f10ea0fb30d6f6fade841a12dfaeyour experience with LACP is common. On Unraid, the benefits are often minimal unless you’re aggregating traffic across multiple clients or running iSCSI/NFS at scale. Also, Docker and LACP often conflict, with Docker preferring a single NIC (usually eth0), making bonding a bit moot in this context.Since we are now separating 2 eth interfaces with Vlans. We will need to make sure the output on unraid interfaces show eth0.1021 and eth1.666with the array off under settings > Network settings. There is a add vlan option.Since both are mainly dockers based. You would need to make 2 docker networks to the tagged vlan interfaces to cross talk.Unraid docker run doen't allow for more then 1 docker connected at a time. so full separation and isolation may not be 100% fesible.Networking on Unraid can be confusing.once you get unraid to see the 2 interfaces "eth0.1021 and eth1.666"and have the docker setting to preserve user defined networks, you can create 2 docker networks. and inform the dockers on unraid to be on this net or that net, but not both at the same time.(atleast not easily... there a side unraid command to attach networks to running dockers..)* docker network connect media_net my_containerYou're absolutely right to separate traffic this way: using eth0 for media (on VLAN 1021) and eth1 for Docker downloads (on VLAN 666) makes a lot of sense and gives you clear monitoring and path separation.Once you’ve configured Unraid to show:eth0.1021 → for media-serving containerseth1.666 → for download-heavy containers# For media servers on eth0.1021docker network create -d macvlan \--subnet=172.16.17.0/24 \--gateway=172.16.17.1 \-o parent=eth0.1021 \media_net# For downloaders on eth1.666docker network create -d macvlan \--subnet=10.67.2.0/27 \--gateway=10.67.2.1 \-o parent=eth1.666 \download_net-Adjust the subnet/gateway to match your real network layout, of course.Make sure Settings > Docker has “Preserve user-defined networks” set to Yes before starting the Docker service.Each container can only be on one custom network at creation in the Unraid UI. If you need multiple networks, you can:Or use docker-compose via compose.manager plugin...Thanks for clarifying, and I totally get being frustrated -- I am actually in IT and I know dealing with constant newb questions can get tired fast. I'm not very strong in networking (trying to get better) and it's things like vlans etc where my brain starts to hurt. To clarify I'm not using unraid for the streaming, only the NFS storage that the media servers pull from. I have both NICs bound to the MEDIA SERVERS vlan (in case I want to move one server onto that physical NIC. I attached screenshots so they make better explain what I'm not great at :)
June 22, 20251 yr Community Expert ok, Is something not working in that configuration?https://www.youtube.com/watch?v=0xk7LsWwp2Ihttps://www.youtube.com/watch?v=9Ta9e09KyYwYou may need to go to listening interfaces to edit what br0 is connected too...the unraid webui affects eth0 / br0 depending on other settings.thus the use of terminal and other command line commands to make another bridge interface for eth1 and tagged vlan.an example is making a linux bridge our seves... no web UI as the Web UI is limited to what its interacting. This requires Decker setting preserver user defined enabled.Then I can only suggest running:#!/bin/bashset -eVLAN=666BR=br1IF=eth1SUBIF=${IF}.${VLAN}BR_SUB=${BR}.${VLAN}DOCKER_NET=my_br1_vlan60echo "=== CLEANUP any existing VLAN/interface/bridge ==="ip link delete ${BR_SUB} 2>/dev/null || trueip link delete ${SUBIF} 2>/dev/null || trueip link delete ${BR} 2>/dev/null || trueecho "=== CREATE BRIDGE and attach ${IF} ==="ip link add name ${BR} type bridgeip link set dev ${BR} upip link set dev ${IF} upip link set dev ${IF} master ${BR}echo "-- ${IF} added to ${BR}"echo "=== CREATE VLAN sub-interfaces VLAN ${VLAN} ==="ip link add link ${IF} name ${SUBIF} type vlan id ${VLAN}ip link set dev ${SUBIF} upip link add link ${BR} name ${BR_SUB} type vlan id ${VLAN}ip link set dev ${BR_SUB} upecho "-- VLAN sub-interfaces ${SUBIF} and ${BR_SUB} up"echo "=== SET IP on ${BR_SUB} (optional) ==="# Uncomment and edit as needed# ip addr add 10.10.60.11/26 dev ${BR_SUB}echo "=== CREATE Docker bridge network on ${BR} ==="docker network inspect ${DOCKER_NET} >/dev/null 2>&1 || \docker network create \-d bridge \--opt "com.docker.network.bridge.name=${BR}" \${DOCKER_NET}echo "✅ Setup complete. Docker network: ${DOCKER_NET} attached to bridge ${BR}."echo "You can launch containers using: docker run --network ${DOCKER_NET} …"What this script does:Bridge setup: Creates br1 and enslaves eth1 VLAN tagging:eth1.60: handles VLAN 60 trafficbr1.60: the bridge’s VLAN interfaceDocker network: Uses Docker’s --opt com.docker.network.bridge.name=br1 to bind the new br1 bridge into DockerAdjust VLAN=60 to your desired VLAN ID.Assign IP to br1.60 if this host needs IP reachability on that VLAN.Remove optional IPv4 block if you’d prefer DHCP.Ensure your physical switch port is set to trunk VLAN 60 (or untagged per your info)then you can target a macvlan/ipvlan for static ip for docker with the above mentioned docker network create command. Edited June 22, 20251 yr by bmartino1 data - typo
June 23, 20251 yr Author 18 hours ago, bmartino1 said:ok, Is something not working in that configuration?https://www.youtube.com/watch?v=0xk7LsWwp2Ihttps://www.youtube.com/watch?v=9Ta9e09KyYwYou may need to go to listening interfaces to edit what br0 is connected too...the unraid webui affects eth0 / br0 depending on other settings.thus the use of terminal and other command line commands to make another bridge interface for eth1 and tagged vlan.an example is making a linux bridge our seves... no web UI as the Web UI is limited to what its interacting. This requires Decker setting preserver user defined enabled.Then I can only suggest running:#!/bin/bashset -eVLAN=666BR=br1IF=eth1SUBIF=${IF}.${VLAN}BR_SUB=${BR}.${VLAN}DOCKER_NET=my_br1_vlan60echo "=== CLEANUP any existing VLAN/interface/bridge ==="ip link delete ${BR_SUB} 2>/dev/null || trueip link delete ${SUBIF} 2>/dev/null || trueip link delete ${BR} 2>/dev/null || trueecho "=== CREATE BRIDGE and attach ${IF} ==="ip link add name ${BR} type bridgeip link set dev ${BR} upip link set dev ${IF} upip link set dev ${IF} master ${BR}echo "-- ${IF} added to ${BR}"echo "=== CREATE VLAN sub-interfaces VLAN ${VLAN} ==="ip link add link ${IF} name ${SUBIF} type vlan id ${VLAN}ip link set dev ${SUBIF} upip link add link ${BR} name ${BR_SUB} type vlan id ${VLAN}ip link set dev ${BR_SUB} upecho "-- VLAN sub-interfaces ${SUBIF} and ${BR_SUB} up"echo "=== SET IP on ${BR_SUB} (optional) ==="# Uncomment and edit as needed# ip addr add 10.10.60.11/26 dev ${BR_SUB}echo "=== CREATE Docker bridge network on ${BR} ==="docker network inspect ${DOCKER_NET} >/dev/null 2>&1 || \docker network create \-d bridge \--opt "com.docker.network.bridge.name=${BR}" \${DOCKER_NET}echo "✅ Setup complete. Docker network: ${DOCKER_NET} attached to bridge ${BR}."echo "You can launch containers using: docker run --network ${DOCKER_NET} …"What this script does:Bridge setup: Creates br1 and enslaves eth1VLAN tagging:eth1.60: handles VLAN 60 trafficbr1.60: the bridge’s VLAN interfaceDocker network: Uses Docker’s --opt com.docker.network.bridge.name=br1 to bind the new br1 bridge into DockerAdjust VLAN=60 to your desired VLAN ID.Assign IP to br1.60 if this host needs IP reachability on that VLAN.Remove optional IPv4 block if you’d prefer DHCP.Ensure your physical switch port is set to trunk VLAN 60 (or untagged per your info)then you can target a macvlan/ipvlan for static ip for docker with the above mentioned docker network create command.No things seem to be working fine. I can see media traffic on eth0 and docker traffic on eth1 now. I am just concerned about saturating the eth0 now, lol. Perhaps I'll add another NIC at some point - or try to get some of the media servers onto eth1 too (just to offload a bit). It's definitely made a difference during heavy download periods -- however, there was a point where eth0 was registering 1.2Gbps lol.
June 23, 20251 yr Community Expert cool. I don't remember the linux command to check.But I do know some 10 GB nics don't advertise they are 10 GB connections.Example with some realtek as seen here:https://forums.unraid.net/topic/141349-plugin-realtek-r8125-r8126-r8168-and-r815267-drivers/#findComment-1279775
June 23, 20251 yr Author 4 minutes ago, bmartino1 said:cool. I don't remember the linux command to check.But I do know some 10 GB nics don't advertise they are 10 GB connections.Example with some realtek as seen here:https://forums.unraid.net/topic/141349-plugin-realtek-r8125-r8126-r8168-and-r815267-drivers/#findComment-1279775No, they're not 10Gb -- VMware think they are as VMXNET adapters. They're regular, old, 1Gb Realteks in the unRAID.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.