Ver 6.7.2 - VPN Via Vm for dockers

[almulder]

So I am new to unraid, running the trial version right now, before I pull the trigger and make the switch.

 

So I followed a guide on how to setup a vm as a VPN server and it works if I point any PC to that address, but how can I make particular dockers use the VPN and other not to use them. I have traffic I want secure from my house to my off site backup at my brothers house, (And my ISP throttles VPNs now) so I want all my other dockers to not use the vpn so I get full speeds.

 

How can I create a new network pointing to the VPN and make the dockers use it.

 

I have tried going in under Network Settings and creat a new route, thinking it would appear under the docker setting, but no luck.

 

My vpn server is at address 10.1.10.233, so how can I make the docker use that as the gateway instead of my router default of 10.1.10.1?

 

Thanks for your help.

[bonienl]

The easiest approach will be to have a second ethernet interface (eth1/br1) on your server, which connects to the same switch as your eth0/br0 interface.

Under network settings configure this interface as bonding=no, bridging=yes and IP=none

Under docker settings assign the same subnet as used for the eth0 interface, and specify as gateway your VPN server.

Any docker containers you want to router thru your VPN server, make sure they use the custom network br1.

 

[almulder]

So I need two physical ethernets, or can I create a virtual one, and if so how?

[bonienl]

Instead of a second physical port, you can use a VLAN instead, but this requires your switch (if present) and router to support VLANs too.

 

[almulder]

So to make things easy it just best to have a second port hooked up?

[bonienl]

If you have experience with how VLANs work and have the right gear to build the network, it is easy to set up, but otherwise a second interface is more straight forward.

 

[almulder]

ya no clue on vlans, so do I just need a second port , but not hooked up or do I need a second port hooked up to router also.

[bonienl]

yes, you need to connect the second port of the server to a LAN port of your router.

[almulder]

SO I added another network, and have it hooked to router. I setup the network settings and the docker, but the containers dont show that new network as an option in the drop down. My options are - Bridge, Host, None, Custom br0

 

br0 is my main one, my new added one shows as br1, its just not in the list to select from.

 

Thoughts?

 

[bonienl]

Post a screenshot of your network settings and docker settings (with docker service stopped)

[almulder]

ok I did a reboot and now it shows up. Here are screenshots for you. I have removed the settings in Docker settings since it does not work, I am sure it has to do with the subnet.

Again thanks so much for your help.

 

 

[bonienl]

I am a little confused...

 

When no IP assignments are set for interface br1 under docker settings, then this network is not available in Docker.

You should have something like this:

 

subnet = 10.1.10.0 /24

gateway = 10.1.10.233

dhcp pool = 10.1.10.128 /25 (this assumes the IP range .128 to .254 is not used by your router for DHCP assignments)

[almulder]

I will test that out. it was the dhcp pool i was missing, but now mu vm is broke. LOL. I think it has to do with me adding the second network and the way the vm was configured. I will try and fix it and then test the dockers to connect. THanks for your help. I will report back.

[almulder]

OK, I am now at a complete loss, nothing seems to be working correctly, I have even wiped everything and started over. Can someone help me out.

 

I am running a test environment so messing it up right now is not an issue.

 

My goal is to setup a vpn server so only particular containers use the VPN while the others bypass it. I followed a youtube video on how to set up a vpn using ubuntu server via vm, and I did get that working, but it seems like I need another nic to get the docker containers to work, so I added one, that's when everything broke. vpc no longer worked, ip addresses were all messed up and could no longer connect to the vpn server.

 

I figure to start from scratch and see if I could get the vpn setup again, but I cant get it to assign it an ip address from my router. (10.1.10.1) it keeps giving me a (192.168.1.xxx) address, so I cant access it from my network.

 

Sorry I have always been a windows guy and been using a qnap for years, but have out grown it.

 

how should I setup my first nic and vm so the vm gets ip address from router, then once I get my vm setup how do I configure my second nic to point it at my vm for the vpn service, and then how do I setup docker contains so some use the nic0 and other use nic1 all while getting ip from router so they are all on the same network. (Also plan on installing pi-hole later)

 

forgot to mention ip setup:

router 10.1.10.1

unraid 10.1.10.103

vm(vpn) will be 10.1.10.233 once I get it set to a fixed ip

 

Also I am open to ideas. in the end I just need a vpn server that particular dockers access while others don't.

Edited September 26, 2019 by almulder