Can dockers have their own IP address?


Nano-uk

Recommended Posts

Hi,

 

I am trying to figure out how (if possible) to assign a dedicated IP address to my Plex docker. The reason for this is that I am running a pfsense router at home and this server is including all the traffic from my UNRAID server into a VPN and I'd like to have different IP addressees for my dockers so I can assign specific fiewall and NAT rules for them individually. I know I can do this using port mapping for incoming connections, but I want to be able to manage outgoing connections as well, for example if I want some specific docker to use a different default gateway to go out of my network or stuff like that.

 

Is it possible to assign a different IP address to dockers at all?

 

Thank you!

Ignacio.

Link to comment
Just now, Nano-uk said:

Hi,

 

I am trying to figure out how (if possible) to assign a dedicated IP address to my Plex docker. The reason for this is that I am running a pfsense router at home and this server is including all the traffic from my UNRAID server into a VPN and I'd like to have different IP addressees for my dockers so I can assign specific fiewall and NAT rules for them individually. I know I can do this using port mapping for incoming connections, but I want to be able to manage outgoing connections as well, for example if I want some specific docker to use a different default gateway to go out of my network or stuff like that.

 

Is it possible to assign a different IP address to dockers at all?

 

Thank you!

Ignacio.

 

It is possible in unraid 6.4, currently in beta.

 

I was in the exact same situation as you and it works like a charm now.. Plex has its own IP address and is now bypassing the outgoing VPN. 

Link to comment
9 minutes ago, Helmonder said:

 

It is possible in unraid 6.4, currently in beta.

 

I was in the exact same situation as you and it works like a charm now.. Plex has its own IP address and is now bypassing the outgoing VPN. 

Hi, thanks for the quick reply!

 

Is the beta stable enough to justify upgrading the whole server? (I only have this one Unraid server with all my data).

 

Thanks!

Link to comment
2 hours ago, Nano-uk said:

Is the beta stable enough to justify upgrading the whole server? (I only have this one Unraid server with all my data).

 

I've been running it on my production server with no problems.  I don't however use the new features of encryption / SSL access though (don't trust them yet in a production environment B|)

Link to comment
3 hours ago, Nano-uk said:

Hi,

 

I am trying to figure out how (if possible) to assign a dedicated IP address to my Plex docker. The reason for this is that I am running a pfsense router at home and this server is including all the traffic from my UNRAID server into a VPN and I'd like to have different IP addressees for my dockers so I can assign specific fiewall and NAT rules for them individually. I know I can do this using port mapping for incoming connections, but I want to be able to manage outgoing connections as well, for example if I want some specific docker to use a different default gateway to go out of my network or stuff like that.

 

Is it possible to assign a different IP address to dockers at all?

 

Thank you!

Ignacio.

 

As mentioned by the others it is supported in the latest beta.  If you don't want to go the beta route yet you can use Pipework Docker to accomplish what you are after.  Install the correct version for your unRAID version then for each Docker you want to assign an IP, enable advanced mode, change network to 'none' and add the code below to the 'extra parameters' box specifying a unique IP/gateway and a unique valid fake MAC address.  In pfSense, create a static DHCP lease for the MAC and IP configuration.  Create an Alias in pfSense that contains all the IP addresses for the stuff you want to go through VPN and create your rules based on the Alias.

 

extra parameters:

-e 'pipework_cmd=br0 @CONTAINER_NAME@ 192.168.1.247/[email protected] fd:de:b4:99:56:1d'

Copy in exactly as shown, including the '   ' and the "@CONTAINER_NAME@".  Change the IP and gateway IP and the MAC address for your specific configuration.  Best to have Pipework set to auto-start and verify it is started  - view the log tail and verify 'start' is in the last entry.  If not started, stop then start and verify again.  After that you can crank up the remaining Dockers that use Pipework.

Edited by unevent
Link to comment

I have been waiting patiently for this as well as I will far prefer having each docker have its own IP as opposed to having to remember all of the ports required whenever I want to access the web UI for a docker.  What was 8080 vs 7080 vs 6080?  IP addresses will be easier, at least IMHO.  And then you can enter all of the IPs in a hosts file and just use the docker name if you want

Link to comment
  • 2 months later...
4 hours ago, steve1977 said:

I am running 6.4.0rc14. I would also love to assign a dedicated IP to one of the dockers? Possible and if so, how?

Click on 'Network Type' in the docker settings (may need advanced view) and then enter an IP address in the new field that appears below.  Very simple.

 

If you have a VLAN capable switch, you can also create VLANs in Settings/Network settings and then choose different VLANs e.g. I have deluge going down my VPN VLAN and nzbget not, as usenet is encrypted so I'm not wasting CPU cycles pushing it down the VPN

Link to comment

thanks. i run a router vpn, so everything runs over vpn unless i exclude the ip. let me describe what i want to do:

 

* sanzbd docker (want to exclude from vpn, but maybe remote access as web server)

 

* nextcloud docker (need to forward port 80/443 to get this running)

 

* in the future i may want to add deluge docker

 

 

i have a reasonably modern asus router.

 

is it possible to achieve?

Link to comment

1.  No and things would get messy if you did

2. Yes, go to settings/identification to change unraid ports.  However, there's no need as unraid would listen on say 192.168.1.100:443 and le on whatever IP you assign e.g 192.168.1.101:443

Edited by DZMM
Correction
Link to comment
5 hours ago, steve1977 said:

i changed it with nano and then changed it back. is there some command to “restart” the gui?

 

actually, i followed the advice in the official unraid wiki. outdated?

 

With unRAID 6.4 port settings are no longer set in the go file, but under Settings -> Identification.

 

Also unRAID 6.4 supports macvlan, which allows to assign different IP addresses to docker containers from the GUI.

 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.