Jump to content

Docker Network(s) issues unraid 6.3.5


ijuarez

Recommended Posts

I wasn't sure if this needed to be here or in general but I'll start here.

 

Background

Unraid server has a quad nic, 3 ports are in use each port has a vlan assigned to it denoted as vlan 10, 20, and 30.

Router is pfsense doing vlans connected to 3750 Cisco ( no vlans on unraid)

 

Unraid is on vlan 10 (192.162.10.0/24) static IP working just fine

Previous setup had sonarr, radarr, and sab vlan20 (192.168.20.0/24) its the vpn vlan with each container having its own ip, worked flawlessly, and i was able to access their webgui from the unraid webgui.  Sonarr and Radarr also were able to communicate to SAB

 

I actually read the readme for let's encrypt (LSIO) and decided to move to subdomain setup. Got a vps and tested before implementing on my prod server. Works (yay)

 

Created the proxynet, moved radarr, sonarr, nextcloud, and soon Unifi. However i decided to leave sab in the vpn subnet.

From the webgui of unraid i can access sonarr, radarr, and sab.

 

Issue.

Both Sonarr and Radarr can no longer connect to SAB so it can't send nzb's to it.

 

Troubleshooting

I read thru the logs in pfsense trying to find if it blocked the traffic nothing. I opened the terminal in the unraid webgui and tried to ping SAB no replies. To make sure, i pinged other devices on different vlans (subnets) and they all replied except sab.  I thought maybe it had something to so with SAB so from a vm and a laptop on wifi i ping sab and it replied.  I thought that's odd, so i spun up nzbget on the vlan20, ping from vm and laptop but not from unraid terminal and neither sonarr or radarr could not connnect to it.

 

So looked at my network settings and they looked ok. Took a look at my docker settings and notice that for the vlan20 (br1) there's not gateway listed in docker. So i am ASSuming that't the reason it will not ping or connect. 

 

Is that a correct statement? if so how can it be fixed.

 

unraid docker network.PNG

unraid network.PNG

Link to comment
47 minutes ago, bonienl said:

The better approach is to set NO addresses to interfaces br1 and br5 (stop docker+vm service and go to network settings page)

 

This gives the ability to set your own subnet and gateway for those interfaces under docker settings.

 

Great!

 

Not a home but i will try that, thank you.

Link to comment
19 hours ago, bonienl said:

The better approach is to set NO addresses to interfaces br1 and br5 (stop docker+vm service and go to network settings page)

 

This gives the ability to set your own subnet and gateway for those interfaces under docker settings.

thank you again this worked, i can ping the containers from the terminal, still can't connect but now its a firewall issue as i can see it blocking communication from unraid to sab.

 

thanks again

Link to comment
6 hours ago, ijuarez said:

thank you again this worked, i can ping the containers from the terminal, still can't connect but now its a firewall issue as i can see it blocking communication from unraid to sab.

 

thanks again

 

So whilst the firewall was blocking something that is not my problem, I moved Sab to the same subnet as unraid but gave it its own ip. Sab gui works no issues there. However sonarr and radarr cannot connect to SAB. So i moved sab to the proxynet, filled the config with the ip, port, api, creds etc, and BOOM!! connection success. I also moved nzbget and used proxynet and that also connected.

 

They problem is the proxynet not firewall, can anyone point me in the right direction.

 

thanks

Link to comment

I did some docker reading and discover the command " docker network connect" and tried it out.  I was able to connect sonarr to the subnet that sab is on and it connected. However from the unraid webgui i was no longer able to connect and/or use the ip. The letsencrypt portion still worked i was able to to get to it via the outside world.  I ran the docker inspect and below is the output (just the network part)  It looks like it added the other subnet and gave it an ip it still show the proxy net.

 

My guess is that it reads from top to bottom and when it got a hit on the sab subnet it stopped.  Anyhow i will continue to investigate.

 

        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "ee3992747ce87a3b6cd0dc1e300d47b56ad8046c7251a7b0ed7f7fd03d1c5269",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {},
            "SandboxKey": "/var/run/docker/netns/ee3992747ce8",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "",
            "Gateway": "",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "",
            "IPPrefixLen": 0,
            "IPv6Gateway": "",
            "MacAddress": "",
            "Networks": {
                "br1": {
                    "IPAMConfig": {},
                    "Links": null,
                    "Aliases": [
                        "fafc86bfcd44"
                    ],
                    "NetworkID": "579808705b4d688ba52ec470917d213da93ab53fb93f9da771ceea4961a29281",
                    "EndpointID": "58bc383ada109cd0fb1eda352ba10910fa15e2ac2df33db5ac130359fe3d3355",
                    "Gateway": "192.168.20.1",
                    "IPAddress": "192.168.20.2",
                    "IPPrefixLen": 24,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:c0:a8:14:02",
                    "DriverOpts": null
                },
                "proxynet": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": [
                        "fafc86bfcd44"
                    ],
                    "NetworkID": "b509dbe687bad9c45c77cc4f667230a854317aae208adc868c2881ac3debce32",
                    "EndpointID": "d860d6567c14a52b244a0d799aa1fd50bcd5277c6932c3e2605830da907e1a65",
                    "Gateway": "172.18.0.1",
                    "IPAddress": "172.18.0.6",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:ac:12:00:06",
                    "DriverOpts": null
                }
            }
        }
    }
]

 

Link to comment
1 hour ago, ijuarez said:

My guess is that it reads from top to bottom and when it got a hit on the sab subnet it stopped

 

Correct.

The GUI assumes only one network to be present and reads the first entry only.

Eventhough it isn't correctly displayed, it should work on docker level.

 

Link to comment

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...