HELP: Plex Docker on 2 different IP's (1 normal, 1 vlan)


Recommended Posts

BLUF: I am running two separated networks in my home (1 secure and 1 vlan for IoT devices). I want my plex docker accessible on both networks securely.

 

I currently have a plex docker on 192.168.1.10:32400 (same IP as my unRaid Server on onboard eth0), which my secure workstation and gaming pc can access. My IoT devices to include my xbox one and ps4 are on vlan 10.10.10.XX IP's which obviously can't reach my plex server. I want to set Plex to be on 192.168.1.100:32400 AND 10.10.10.100:32400 without any possibility of one network crossing over the other  because of some plex vulnerability. Also possibility of port forwarding the IoT vlan IP assigned to plex for when I travel or stay at my friend's place. Thoughts? I need this to be secure as I already have to deal with 10K of random IP's always trying to access ssh/telnet...another reason why I separated my IoT devices/wifi devices off my regular network.

 

I have successfully given a different docker it's own IP and own physical NIC (Unifi Controller on 192.168.1.2:8443 using a Dell D96950-006 Intel PRO/1000 VT Quad Port NIC) so I know it's possible to give plex it's own, but can I give it two? Or is that a limitation on the plex server itself? Do I have to run a separate instance of plex server just for my IoT vlan?  Is it secure to assign the 2 different IP addresses and bridge them, then assign that bridge to the plex docker? All help, theories or pointing in the right direction appreciated.

 

I have a UniFi USG router and two UniFi managed switches (switch 8-150W and switch 24) for routing/dhcp/firewall/vlan. Unifi Controller 5.8.3

I use binhex-plexpass docker with network type: host. Latest stable. 

unRaid version 6.4.1 2018-02-02

 

 

 

Link to comment
1 hour ago, darkslyde said:

I know it's possible to give plex it's own, but can I give it two? Or is that a limitation on the plex server itself?

 

At startup Plex will bind to all available IPs, the limitation is more with the single docker having the two NICs assigned and less the Plex Server application itself... Depending on the docker, you could potentially do this... It's well beyond the current scope of Docker on unRAID, but it looks like it can be done now... Here's some reading if you fancy yourself a Wizard: https://hicu.be/docker-networking-macvlan-vlan-configuration

The key bits are about a quarter, and half way down... I can transpose them for what commands *MAY* work for your scenario...

 

First you'll need to make a second macvlan:

docker network create -d macvlan \
    --subnet=10.10.10.0/24 --gateway=10.10.10.1 \
    --subnet=2001:db8:babe:20::/64 --gateway=2001:db8:babe:20::1 \
    -o parent=eth0.20 \
    --ipv6 \
    iotnet

Then you would attach your plex docker to the second network

docker network connect \
  --ip=10.10.10.100 \
  --ip6=2001:db8:babe:20::3 \
  iotnet \
  PlexMediaServer

Now, this may, or may not work, even if the commands attach the docker to the networks properly, I don't know if Plex rereads the networking config when things change after it's started... That said, I've just tested this with my Netdata docker, and it works like a charm, and automatically detected the network change...

 

 

 

*** All examples are provided without warranty or guarantees of fitness for use. Only a fool blindly copies and pastes from the Internet into a shell window. I am not responsible for your actions. ***

Link to comment

Thanks, Kyrin. Actually tried it out (thanks to unraid 6.4.1, you can do it on the gui now while array is offline, settings>dockers>advance), assigning it's own static ip/nic works (no surprise there), unfortunately, my vlan devices (10.10.10.xx) can't see it and on plex, (settings>server>remote access), it is still reverting to the regular 192.168.1.XX network. I will play around with it more tomorrow morning as it's already 1:20am where I'm at. It's a good place to start.

 

Also, less of wizard like harry potter and more of a bright like daryl ward:D

Edited by darkslyde
Link to comment

You'd have to start the docker, and then manually connect it to the second network, and then give it say 5 minutes and check the XML response from /servers (https://192.168.1.100:32400/servers ) and see if it lists it there (dunno if it will or not), or just watch the Plex log files for it refreshing its network info... It may be of value to not have it see the gateway on that network, or at least not be able to get to the Internet via that network, so it won't try and register with the Plex mothership via that network... Damn... 12:44a here, I was supposed to be catching up my time tracking tonight, not upgrading to 6.4.1 and playing with new features...

Link to comment

here's the crappy part; since my unifi controller software is a docker on my unraid server, whenever i bring the array down to do some tinkering, i have no way to do any changes on the config for my unifi router/switch... hence, can't force the dhcp to assign a static ip for the plex server. ugh... gonna wait till my new rack comes in, put a dedicated 1u server for the unifi controller, so i can mess with unraid without losing access to the router/switch management system.... sometimes, the things that make your life easier (dockers) are the ones that make it much worst

Link to comment
2 hours ago, darkslyde said:

can't force the dhcp to assign a static ip for the plex server

Which network do you need to assign the static on?  For your primary network you can do that in the docker config page if you want it on its own IP (separate from the host) when you choose to bind it to 'bond0' or whichever your network is called, and on the secondary, 'iotnet' network, it's specified in the 'docker network connect' command... Shouldn't need to rely on DHCP for either if you don't want.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.