Bridge container to VLAN instead of using a different IP on the VLAN

CeeJay

By CeeJay
in Docker Engine

Recommended Posts

CeeJay Noob

CeeJay

Posted
Posted

I have my UnRAID box connected to a managed switch which passes it VLAN 1 as untagged and VLAN 30 as tagged. I want most of my containers to run on the untagged VLAN, which is straight forward, I just set the container network type to bridge. However I have a container that must connect to the network on VLAN 30. For that, I can use br0.30, but if I do so my container will get an IP on the LAN, while my goal is to use the address of the server on that VLAN to reach my container, like I do on the untagged VLAN. Is this achievable?

 

Home VLAN: 192.168.1.1/24
UnRAID Box IP (Home): 192.168.1.10
Bridged Container on Home VLAN example: 192.168.1.10:1234
UnRAID Box IP (IoT): 192.168.30.10
Current Bridged Container on IoT VLAN example: 192.168.30.11:2345 (my goal is to have 192.168.30.10:2345 here)

Link to comment
ken-ji Collaborator

ken-ji

Posted
Posted

Disclaimer: My VLANs are isolated and only the router bridges them. I don't give Unraid additional IPs to muck up accesses. (this is a side effect of the older network setting where assigning the container to the same interface as the host and giving its own IP isolates them)

 

Have you tired to access the container while its connected to the regular bridged network same as the untagged VLAN, yet using the VLAN30 IP?

I mean while the VM is reachable via 192.168.1.10:2345, try reaching it via 192.168.30.10:2345 as well.

 

I distinctly remember docker actually running a proxy that bind on all the IP addresses on the host then forwarding the connections to the container in the internal docker bridge.

 

  • Thanks 1
Link to comment
CeeJay Noob

CeeJay

Posted
  • Author
Posted
1 hour ago, ken-ji said:

Disclaimer: My VLANs are isolated and only the router bridges them. I don't give Unraid additional IPs to muck up accesses. (this is a side effect of the older network setting where assigning the container to the same interface as the host and giving its own IP isolates them)

 

Have you tired to access the container while its connected to the regular bridged network same as the untagged VLAN, yet using the VLAN30 IP?

I mean while the VM is reachable via 192.168.1.10:2345, try reaching it via 192.168.30.10:2345 as well.

 

I distinctly remember docker actually running a proxy that bind on all the IP addresses on the host then forwarding the connections to the container in the internal docker bridge.

 

Thank you for your help. I just tried what you suggested and it does indeed work. I guess through my router firewall I can block traffic to 192.168.1.10:2345 and I should be good.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing