Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Complex Docker Networking Issue: Reverse Proxy fails for internal clients (SSL/502/QUIC Errors)

Featured Replies

Hello everyone,

I set up my Unraid server about two months ago and I'm relatively new to this. For the past three days, I've been facing a persistent issue where I can no longer access my services via their public domains from my local network. External access (via cellular) works for some services.

I would be very grateful for your help!

Hardware & System
  • Motherboard/CPU/RAM: MSI PRO B760M-P, Intel i3-12100, 32 GB DDR4 RAM

  • Storage: 1 TB NVMe Cache, 3x 2TB Storage HDDs, 1x 2TB Parity HDD

  • Unraid OS Version: 7.1.4

  • Docker Version: 27.5.1

  • Plugins: CA Mover Tuning, File Activity, Unraid Connect, Appdata Backup (not used so far), CA Auto Update Applications, Community Applications, Compose Manager, Dynamix Cache Directories, Dynamix File Integrity, Dynamix S3 Sleep, Dynamix System Information, Fix Common Problems, FolderView2, User Scripts

Network Setup
  • Unraid Host IP: 192.168.178.105

  • Gateway (Fritz!Box 7590): 192.168.178.1

  • DNS (Pi-hole): 192.168.178.222

Services Overview

Container

Network/IP/Domain

Comment

Pi-hole (binhex)

br0, 192.168.178.222

pihole.local

[Formerly] Nginx Proxy Manager

192.168.178.105:8181

npm.local

(NPM)

used this for most of the time

[Formerly] Caddy

not known anymore

[Currently] Traefik

bridge, 192.168.178.107:8080

Unraid-Cloudflared-Tunnel

bridge, n/a

Immich

bridge, 192.168.178.105:2283

im.mydomain.abc

compose stack with 4 containers

Nextcloud AIO

bridge, n/a (only mastercontainer)

nc.mydomain.abc

9 containers

Jellyfin

bridge, 192.168.178.105:8096

jf.mydomain.abc

Home Assistant (VM)

192.168.178.110:8123

ha.mydomain.abc

Not a docker container but a VM (by default)

Paperless-ngx

bridge, 192.168.178.105:8000

no domain

additionally installed for this (advised by a tutorial): postgresql17, Redis, gotenberg, Apache-Tika-Server

Problem and previous solutions attempts

I've gotten everything to work perfectly. I could access all services via their IP addresses, their .local domains (with HTTPS via NPM), and their public *.mydomain.abc domains from both inside and outside my network. I've set up my subdomains for im/nc/jf/ha in NPM and got the Cloudflare tunnels working.

A few days ago, the last thing I installed was Paperless; no problems with that. Two days later, I added another Unraid share in Nextcloud (via external storage) which was when the problems started. But I can't imagine how this could be the cause of the problems, it may be a coincidence.

Suddenly, my Nextcloud froze. I restarted NPM and since then, it all went out of control. I can't even remember all the steps; I've chatted for hours with Gemini for days, trying to solve it.

Symptoms:

  • Access to all *.mydomain.abc domains from within my LAN fails.

  • Access via IP (e.g., http://192.168.178.105:8096) still works for most services.

  • Access via cellular network (external) works for some services, but not consistently.

  • Nextcloud is completely inaccessible as it relies on domain access.

  • The .local domains also stopped working temporarily; by reinstalling and setting up NPM, I was able to fix this.

The browser errors are inconsistent, but the most common are:

  • ERR_QUIC_PROTOCOL_ERROR (Chromium browsers)

  • SSL_ERROR_UNRECOGNIZED_NAME_ALERT (Firefox)

  • ERR_TOO_MANY_REDIRECTS

  • 502 Bad Gateway or 504 Gateway Timeout (from Cloudflare, external access)

Troubleshooting Steps Already Taken

I have spent several days troubleshooting this extensively. The key steps that have already been tried without success are:

  • Tried multiple browsers (Firefox, Chrome, Brave) on multiple devices to rule out client-side caching.

  • Verified container-to-container communication using curl from within the proxy container.

  • Tried multiple Docker network architectures (bridge, br0, custom networks) for the proxy and backend services.

  • Complete reinstallation of reverse proxies (started with NPM, tested Caddy, currently on a fresh install of Traefik).

  • Confirmed Pi-hole is correctly resolving internal requests to the proxy's IP using nslookup.

  • Checked my DNS Records in Pi-hole.

  • Fixed an initial issue where Pi-hole was also returning public IPv6 addresses.

  • Reconfigured my Cloudflare tunnels.

  • Deactivated QUIC/HTTP/3 in Cloudflare.

Gemini and ChatGPT have no ideas how to help anymore. Gemini officially gave up several times and told me to go to the Unraid forum. It said that the issue is a fundamental problem with the Unraid networking environment.

As I only installed Caddy and Traefik for testing if the problem was NPM, I think I would prefer to set up NPM again; I liked it more than Traefik.

I've attached my Unraid diagnostics file. And a txt file with the traefik.yml and config.yml and the current jellyfin labels for traefik (as example, currently only jellyfin is set up for testing in traefik). Gemini told me to send these.

Thank you very much for your help!

calypso-diagnostics-20250731-1151.zip traefik.yml, config.yml and jellyfin labels.txt

  • Author

Bumping this to see if any of the networking experts have an idea what to investigate next. The problem still persists.

Meanwhile, I have reinstalled NPM and tested all variants of connection, see table below.

Thanks!

grafik.png

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.