September 8, 20178 yr Hi, I am trying to figure out how (if possible) to assign a dedicated IP address to my Plex docker. The reason for this is that I am running a pfsense router at home and this server is including all the traffic from my UNRAID server into a VPN and I'd like to have different IP addressees for my dockers so I can assign specific fiewall and NAT rules for them individually. I know I can do this using port mapping for incoming connections, but I want to be able to manage outgoing connections as well, for example if I want some specific docker to use a different default gateway to go out of my network or stuff like that. Is it possible to assign a different IP address to dockers at all? Thank you! Ignacio.
September 8, 20178 yr Just now, Nano-uk said: Hi, I am trying to figure out how (if possible) to assign a dedicated IP address to my Plex docker. The reason for this is that I am running a pfsense router at home and this server is including all the traffic from my UNRAID server into a VPN and I'd like to have different IP addressees for my dockers so I can assign specific fiewall and NAT rules for them individually. I know I can do this using port mapping for incoming connections, but I want to be able to manage outgoing connections as well, for example if I want some specific docker to use a different default gateway to go out of my network or stuff like that. Is it possible to assign a different IP address to dockers at all? Thank you! Ignacio. It is possible in unraid 6.4, currently in beta. I was in the exact same situation as you and it works like a charm now.. Plex has its own IP address and is now bypassing the outgoing VPN.
September 8, 20178 yr Author 9 minutes ago, Helmonder said: It is possible in unraid 6.4, currently in beta. I was in the exact same situation as you and it works like a charm now.. Plex has its own IP address and is now bypassing the outgoing VPN. Hi, thanks for the quick reply! Is the beta stable enough to justify upgrading the whole server? (I only have this one Unraid server with all my data). Thanks!
September 8, 20178 yr 2 hours ago, Nano-uk said: Is the beta stable enough to justify upgrading the whole server? (I only have this one Unraid server with all my data). I've been running it on my production server with no problems. I don't however use the new features of encryption / SSL access though (don't trust them yet in a production environment )
September 8, 20178 yr 3 hours ago, Nano-uk said: Hi, I am trying to figure out how (if possible) to assign a dedicated IP address to my Plex docker. The reason for this is that I am running a pfsense router at home and this server is including all the traffic from my UNRAID server into a VPN and I'd like to have different IP addressees for my dockers so I can assign specific fiewall and NAT rules for them individually. I know I can do this using port mapping for incoming connections, but I want to be able to manage outgoing connections as well, for example if I want some specific docker to use a different default gateway to go out of my network or stuff like that. Is it possible to assign a different IP address to dockers at all? Thank you! Ignacio. As mentioned by the others it is supported in the latest beta. If you don't want to go the beta route yet you can use Pipework Docker to accomplish what you are after. Install the correct version for your unRAID version then for each Docker you want to assign an IP, enable advanced mode, change network to 'none' and add the code below to the 'extra parameters' box specifying a unique IP/gateway and a unique valid fake MAC address. In pfSense, create a static DHCP lease for the MAC and IP configuration. Create an Alias in pfSense that contains all the IP addresses for the stuff you want to go through VPN and create your rules based on the Alias. extra parameters: -e 'pipework_cmd=br0 @CONTAINER_NAME@ 192.168.1.247/[email protected] fd:de:b4:99:56:1d' Copy in exactly as shown, including the ' ' and the "@CONTAINER_NAME@". Change the IP and gateway IP and the MAC address for your specific configuration. Best to have Pipework set to auto-start and verify it is started - view the log tail and verify 'start' is in the last entry. If not started, stop then start and verify again. After that you can crank up the remaining Dockers that use Pipework. Edited September 8, 20178 yr by unevent
September 9, 20178 yr If you're using the latest stable (6.3.5) - Try using the builtin Docker capability for Dedicated IP addresses rather than the complicated Pipework - see: https://forums.lime-technology.com/topic/54882-630-how-to-setup-dockers-without-sharing-unraid-ip-address/
September 10, 20178 yr This is how I encrypted all my traffic and still got Plex working if that helps at all. https://www.linuxserver.io/2017/05/01/how-to-run-pfsense-with-pia-vpn-but-still-use-plex-remote-access/
September 10, 20178 yr The beta is running fine for many weeks over here.. However it IS still a beta.. So if you are cautious with that just hold on a little longer.. In a week or so I am expecting this to be released and you will have no more problems.. I just killed off my latest KVM and running Docker only.. No problems whatsoever.
September 10, 20178 yr 6 minutes ago, Helmonder said: In a week or so I am expecting this to be released and you will have no more problems. I think you're being optimistic.....
September 12, 20178 yr I have been waiting patiently for this as well as I will far prefer having each docker have its own IP as opposed to having to remember all of the ports required whenever I want to access the web UI for a docker. What was 8080 vs 7080 vs 6080? IP addresses will be easier, at least IMHO. And then you can enter all of the IPs in a hosts file and just use the docker name if you want
December 2, 20178 yr I am running 6.4.0rc14. I would also love to assign a dedicated IP to one of the dockers? Possible and if so, how?
December 2, 20178 yr 4 hours ago, steve1977 said: I am running 6.4.0rc14. I would also love to assign a dedicated IP to one of the dockers? Possible and if so, how? Click on 'Network Type' in the docker settings (may need advanced view) and then enter an IP address in the new field that appears below. Very simple. If you have a VLAN capable switch, you can also create VLANs in Settings/Network settings and then choose different VLANs e.g. I have deluge going down my VPN VLAN and nzbget not, as usenet is encrypted so I'm not wasting CPU cycles pushing it down the VPN
December 2, 20178 yr thanks. i run a router vpn, so everything runs over vpn unless i exclude the ip. let me describe what i want to do: * sanzbd docker (want to exclude from vpn, but maybe remote access as web server) * nextcloud docker (need to forward port 80/443 to get this running) * in the future i may want to add deluge docker i have a reasonably modern asus router. is it possible to achieve?
December 2, 20178 yr If your router can decide to route via ip address then yes. For your remotely access needs look into the letsencrypt docker
December 2, 20178 yr i’d still need to set each docker to a different IP? otherwise, i couldn’t have nextcloud listening to 80?
December 2, 20178 yr Yes. I'd use letsencrypt for remote access, rather than opening ports for nextcloud
December 2, 20178 yr true true. to be precise, letsencrypt is the one listening on port 80/443. so, i need to open the ports for letsencrypt. for different reasons, i prefer not to run letsencrypt on 81/444. with unraid beta, i can now set it to 80/443 and give it its own IP.
December 3, 20178 yr Two related questions: 1) Can I have two dockers share the same IP (a different one from unraid)? 2) Can I stop Unraid from listening on 80/443 and instead have Unraid listen on different ports?
December 3, 20178 yr 1. No and things would get messy if you did 2. Yes, go to settings/identification to change unraid ports. However, there's no need as unraid would listen on say 192.168.1.100:443 and le on whatever IP you assign e.g 192.168.1.101:443 Edited December 3, 20178 yr by DZMM Correction
December 3, 20178 yr thanks. helpful as always. i followed some other advice on this forum to change the “go” file to change the unreif port. somehow didn’t do it right though. upon restart, i can no longer access the unraid gui. i can still ssh into it though. any thought what i bricked?
December 3, 20178 yr i changed it with nano and then changed it back. is there some command to “restart” the gui? actually, i followed the advice in the official unraid wiki. outdated?
December 3, 20178 yr Got it working. Not sure what I have done differently, but now it works. Thanks!
December 3, 20178 yr 5 hours ago, steve1977 said: i changed it with nano and then changed it back. is there some command to “restart” the gui? actually, i followed the advice in the official unraid wiki. outdated? With unRAID 6.4 port settings are no longer set in the go file, but under Settings -> Identification. Also unRAID 6.4 supports macvlan, which allows to assign different IP addresses to docker containers from the GUI.
Archived
This topic is now archived and is closed to further replies.