November 6, 20178 yr I'm running a VM that I want on a different vlan that unraid and all the dockers. Since I had two networks I figured I would have the switch force the second onto the right vlan. So, unraid is on eth0 and that's on the private networking 192.168.20.x while the vm is assigned eth1 which is put on the other vlan 192.168.50.x. This works but I noticed that the dockers are basically using both available interfaces. If eth1 gets an IP all dockers are accessible on that ip in addition to the unraid one. This this what's supposed to happen? Can I make the VM the only thing that users that interface?
November 6, 20178 yr basic docker networking uses an internal bridge that is port forwarded to all of the host's interfaces if you're unRAID is below 6.3, please upgrade to latest stable first then consider following this: if you're on 6.4RC, the same applies, but there are controls available on the WebUI to configure this kind of networking
November 6, 20178 yr Author Not what I wanted to hear. Thanks, but I can't currently upgrade and this just adds to the list of things I can't have because of this. :-(
November 7, 20178 yr Author Is this the same for vlans on one interface too? I thought I'd try that but it seems I get the same thing.
November 7, 20178 yr since basic docker networking uses a proxy with 0.0.0.0 address, what ever interface on the host that has an IP address will become an accessible interface for the docker. if you have VLANs on a single interface, but didn't assign an IP for unRAID on some of the VLANs, the container will not be accessible from that VLAN
November 7, 20178 yr Author Here is what I have, I'm still having issues. I have one interface but have the second vlan. I have the vlan connected to the vlan and it gets a correct ip (128.168.50.x) BUT when I'm connected to that same vlan I can get to unraid via that ip and it causes when I try to access the VM. If I'm on a different vlan (20) I can access the vm just fine. Not sure if it's an unraid issue or vlan issue, or both.
November 7, 20178 yr let me get this straight. you have 2 vlans 20 and 50 unraid is plugged into vlan 20 (default untagged) and have vlan 50 (tagged) you have bridging so your VM should be connected to br0.50 network you can access unRAID @ 192.168.50.220 while on vlan 50 you can access unRAID @ 192.168.50.220 while on vlan 20 you can access unRAID @ 192.168.20.200 while on vlan 20 you can access unRAID @ 192.168.20.220 while on vlan 50 you can access the VM (ie 192.168.50.100) while on vlan 20 but you can't access the VM @ 192.168.50.100 while on vlan 50?
November 7, 20178 yr Author 52 minutes ago, ken-ji said: let me get this straight. you have 2 vlans 20 and 50 unraid is plugged into vlan 20 (default untagged) and have vlan 50 (tagged) you have bridging so your VM should be connected to br0.50 network Yes you can access unRAID @ 192.168.50.220 while on vlan 50 Yes you can access unRAID @ 192.168.50.220 while on vlan 20 Yes you can access unRAID @ 192.168.20.200 while on vlan 20 Yes you can access unRAID @ 192.168.20.220 while on vlan 50 Yes you can access the VM (ie 192.168.50.100) while on vlan 20 Maybe this is my problem, the VM IP is 192.168.20.220. but you can't access the VM @ 192.168.50.100 while on vlan 50? Since I need this working I put in another NIC and just passed it through to the VM. Now that port is on the right VLAN and I don't have to worry about unraid. I would like to solve this though so I don't have to keep putting more NICs in. :-) Edited November 7, 20178 yr by detz
November 7, 20178 yr Wait the VM IP is 192.168.20.220 (matches unRAID IP) on VLAN 50. that's a whole bunch of wrong... in any case if there is no L3 router between the two VLANs, you can't access VLAN 20 stuff from VLAN 50 and vice versa. you could have made the VM have two vNICs and connect each to a VLAN - no real need to pass through or adding NICs for the matter.
November 7, 20178 yr Author 1 minute ago, ken-ji said: Wait the VM IP is 192.168.20.220 (matches unRAID IP) on VLAN 50. that's a whole bunch of wrong... in any case if there is no L3 router between the two VLANs, you can't access VLAN 20 stuff from VLAN 50 and vice versa. you could have made the VM have two vNICs and connect each to a VLAN - no real need to pass through or adding NICs for the matter. Yeah, they both had the same ip. pfsense had a static mapping for that mac address so that explains why I was having issues accessing it. I changed the mapping to another ip and what do you know, it appears to be working as expected! The VM got the new VLAN 50 ip and I can connect to it as expected (only from vlan 50). Wow, that has caused me hours of headaches thinking it's everything form pfsense to the vlan switch. classic PEBKAC error. :-/ Have a bitcoin wallet? I'll send you some coffee money? :-) Thanks.
Archived
This topic is now archived and is closed to further replies.