Routing docker traffic
-
Here's the setup...
pfSense - VPN connection built
LAN - 10.1.1.0/24
Docker machine - 10.1.1.8
Custom Docker network - 20.1.1.0/24
How would I send either all traffic from the Custom Docker network over the VPN tunnel or just a single container? I'm assuming that I need to somehow tell the pfSense router that the 20.1.1.0/24 network is behind 10.1.1.8, correct?
So do I need to tell pfSense anything coming from 10.1.1.8 or just the entire 20.1.1.0 network?
-
@darkmatter5 said in Routing docker traffic:
> Custom Docker network - 20.1.1.0/24
A public range? That's far from ideal.
> How would I send either all traffic from the Custom Docker network over the VPN tunnel or just a single container?
Which VPN?
> I'm assuming that I need to somehow tell the pfSense router that the 20.1.1.0/24 network is behind 10.1.1.8 correct?
So you want the docker to go out through the VPN, as I understand?
> So do I need to tell pfSense anything coming from 10.1.1.8 or just the entire 20.1.1.0 network?
Or is there inbound from the VPN as well, which should go to the docker?
-
@darkmatter5 yeah, 20.x is a horrible choice for a network on your local network, be it docker or not.
Use another 10/24 network that doesn't overlap with your current network, or use other RFC1918 space other than 10; 172.16/12 or 192.168/16 has plenty of space to be used.
How exactly do you have your docker set up? Normally dockers get natted to the host's IP. If you set up a non-natted network for your dockers, this network would need to be viable on the actual network it's connected to. This would need to be just another L3 running on the same L2, or a VLAN, with a VLAN being the better choice.
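The subnet advice in the replies above can be checked mechanically before a Docker network is created. The following Python sketch is an added example, not part of any post in this thread: it tests a proposed subnet against the three RFC 1918 blocks and against networks already in use, then picks the first free /24. The function names and the 172.17.0.0/16 entry (Docker's default bridge range) are assumptions of the example; the other addresses come from the thread.

```python
import ipaddress

# The three RFC 1918 private blocks. ip_network.is_private is deliberately not
# used here: it also accepts loopback, link-local and documentation ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def audit_subnet(candidate, in_use):
    """Return a list of problems with using `candidate` as an internal network."""
    net = ipaddress.ip_network(candidate, strict=True)  # rejects host bits set
    problems = []
    if not any(net.subnet_of(block) for block in RFC1918):
        problems.append(f"{net} is outside RFC 1918 space")
    for other in map(ipaddress.ip_network, in_use):
        if net.overlaps(other):
            problems.append(f"{net} overlaps {other}")
    return problems


def first_free_subnet(in_use, prefix=24, block="172.16.0.0/12"):
    """Return the first subnet of `block` that overlaps nothing in `in_use`."""
    used = [ipaddress.ip_network(n) for n in in_use]
    for sub in ipaddress.ip_network(block).subnets(new_prefix=prefix):
        if not any(sub.overlaps(u) for u in used):
            return str(sub)
    return None


if __name__ == "__main__":
    # LAN from the thread, plus Docker's default bridge range (assumed in use).
    existing = ["10.1.1.0/24", "172.17.0.0/16"]
    for proposed in ("20.1.1.0/24", "10.1.1.0/25", "192.168.50.0/24"):
        print(proposed, "->", audit_subnet(proposed, existing) or "ok")
    print("suggested:", first_free_subnet(existing))
```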