Looking at your example. Your original settings are:
docker network create -d macvlan \
-o parent=eth0 \
--subnet=192.168.2.0/24 \
--gateway=192.168.2.1 \
--ip-range 192.168.2.200/27 \
--aux-address="host=192.168.2.201" \
dockervlan
Why did you use 192.168.2.200/29 for your route? This is the last part I don’t quite understand. How does it play into the settings you chose above?
My setup is IP range 192.168.87.96/30, which is IP range 192.168.87.96 to 192.168.87.99. I chose 192.168.87.99 as my auxiliary and my Nginx was automatically given IP 192.168.87.96. Now my question is how do I go about knowing what to use for route? I blindly first tried 192.168.87.98 from some bad info ChatGPT gave me and then I changed the route to the exact same CIDR notation I use for my IP range, which is 192.168.87.96/30, and that seemed to work. I’m asking because although it works I have zero clue why it works. My brain doesn’t understand this final part.
🙏🏼
I presume you’re talking about this one?
sudo ip addr add 192.168.2.201/32 dev macvlan0
I guess I didn’t explain properly but that is your auxiliary host’s IP. If you look at command 2 you’ll see --aux-address="host=192.168.2.201". Basically the CIDR notation /32 is the same as the subnet mask 255.255.255.255, only one IP address can be served in macvlan0.
I was actually referring to ‘sudo ip route add 192.168.2.200/29 dev macvlan0’ for #3
This one has me stumped. I hope you’re not one of those who deletes his Reddit posts because I may need to come back to this post one day 😁
I think I am about 99% of the way there. Seems like I got it mostly figured out, but I do have a couple questions for you. And thanks again for your time, you have no idea how much I appreciate you and your assistance in this.
#1. After creating the docker network, you suggest creating the macvlan and the command for creating the macvlan involves ‘macvlan0’. I cannot use macvlan0 and instead am forced to use macvlan1 because macvlan0 is taken by the docker network we created just before creating the macvlan. Seems to be a conflict. I checked and there’s nothing else conflicting other than the already created macvlan0 from the step before.
#2. After completing the steps, I can access my NAS as usual, the Nginx proxy manager is accessible via its macvlan IP, but I can also connect to the NAS and the Nginx from the auxiliary host IP. What’s the deal with that?
#3. Once all is said and done, should my Nginx be connected to both the bridge network and the new macvlan or just the macvlan? It’s always connected to the bridge by default, but when I add the container to the new macvlan, am I supposed to disconnect it from the bridge?
3. Create the macvlan on your Synology
sudo ip link add link eth0 name macvlan0 address XX:ZZ:AA:BB:00:YY type macvlan mode bridge
I follow your instructions carefully. When I get here I get the terminal response: "XX" is invalid lladdr.
Okay, so here’s where I’m confused. From my understanding you say all I did is create a docker network and I need to create a macvlan but the ‘npm_network’ that I created literally says macvlan beside it in the network tab of either container manager or portainer. Even the command literally says ‘create macvlan’ so I am confused why you say that’s not a macvlan and only a docker network.
Am I making sense? Also, two other outdated guides I’ve seen on this describe it the same way. The way you describe it is a first that I’ve seen. Not saying you’re wrong, but there’s certainly a difference I’m noticing.
Here, let me show you what I did and you tell me where I went wrong.
SSH into Synology NAS and create macvlan network with modified command below to my system:
sudo docker network create -d macvlan \
-o parent=eth0 \
--subnet=192.168.1.0/24 \
--gateway=192.168.1.1 \
npm_network
Install Nginx Proxy Manager docker container
Assign NPM to use the new macvlan network and assign it an IP on the subnet that’s not already in use with the following command:
docker network connect --ip 192.168.1.99 npm_network nginx_proxy_manager
Go into portainer and under container settings for NPM, ensure the container is connected to both the new macvlan with the info we used and also connected to the default bridge network.
This is where I hit a wall. I still cannot connect to my web interface at this point when I feel like I should be able to with the macvlan ip 192.168.1.99
What am I doing wrong?
What’s the main kicker here? Reading this over, it sounds like you’re saying to create two macvlans, but I only see an execution of one? I am confused brother
What happens if you use bridge network and manually map port 80 and port 443 to random ones on your Synology like 8888 and 9999? Can you then access these ports?
Not exactly sure how to do that. Yes, you’re right, I created a whole new container and for some reason it doesn’t load. Without macvlan IP it loads fine, with the macvlan it just refuses to load.
I appreciate the heck out of you for trying, but my god this confuses the crap out of me even more lol. I’ve read it over several times, and I am just not connecting the dots ☹️
I’m not sure, but there certainly must be a conflict with the built-in DSM Nginx.
There are zero error logs.
So essentially the last step where you create a virtual subnet is going to be the same CIDR notation as the IP range. Well, I’ll be damned, it seems like I lucked out on that one and got it right.
Thanks again. Your method worked great and for some weird reason the other methods out there such as this one and also this one did not work for me. One of the guide creators was also trying to help me, and it just wouldn’t work.
God bless 🙏🏼
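
The route question from this thread, worked through as an added example (not part of the thread and not any poster's own commands): it shows which addresses a host-side route actually covers, using only the addresses quoted above. The function names `block_span` and `check_route` are hypothetical, and a route written as a bare address is treated as a /32.

```python
import ipaddress


def block_span(cidr):
    """Return (aligned_block, first_address, last_address) for a CIDR string.

    strict=False accepts a range written with host bits set and
    normalises it to the aligned block that contains it.
    """
    net = ipaddress.ip_network(cidr, strict=False)
    return str(net), str(net[0]), str(net[-1])


def check_route(route_cidr, ip_range, container_ips, aux_ip):
    """Compare a host-side shim route with the Docker macvlan settings."""
    route = ipaddress.ip_network(route_cidr, strict=False)
    pool = ipaddress.ip_network(ip_range, strict=False)
    # Containers outside the route are not sent through the shim interface.
    missed = [ip for ip in container_ips
              if ipaddress.ip_address(ip) not in route]
    return {
        "route": str(route),
        "pool": str(pool),
        "route_inside_pool": route.subnet_of(pool),
        "aux_inside_pool": ipaddress.ip_address(aux_ip) in pool,
        "unreachable_containers": missed,
    }


if __name__ == "__main__":
    # Addresses below are the ones quoted in the thread.
    print(block_span("192.168.2.200/27"))   # the --ip-range from the first post
    print(block_span("192.168.2.200/29"))   # the route from the first post
    # Route equal to the IP range: the container at .96 is covered.
    print(check_route("192.168.87.96/30", "192.168.87.96/30",
                      ["192.168.87.96"], "192.168.87.99"))
    # A bare address is a /32 route: only .98 is covered, .96 is missed.
    print(check_route("192.168.87.98", "192.168.87.96/30",
                      ["192.168.87.96"], "192.168.87.99"))
```
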