Open tratz11 opened 7 years ago
This is a limitation of docker. It gets really clunky trying to merge the host and container's networking. Simplest way this might work is with docker run --network host ...
and then you may need to add entries to the routing table.
Kyle
I was trying to avoid that. The long story is that I am trying to get a pbx to work with openvpn on a vps. The manufacturer doesn't want any extra nics installed on the box. When I asked someone how they did it, they told me that they used docker to container openvpn so that the system still has one Nic active. I figured since you had the most pulls on github, you could point me in the right direction. The issue with sip is that it really doesn't like nat and was hoping to avoid it. Once I turn on the host networking it sees the tun adapter and the pbx stops.
Thanks for the advice the container is pretty slick
Tracy On Wed, Jan 4, 2017 at 10:56 AM Kyle Manna notifications@github.com wrote:
This is a limitation of docker. It gets really clunky trying to merge the host and container's networking. Simplest way this might work is with docker run --network host ... and then you may need to add entries to the routing table.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/kylemanna/docker-openvpn/issues/197#issuecomment-270405969, or mute the thread https://github.com/notifications/unsubscribe-auth/AXwt9cs3P7E1ZHIH4r44UjTxBE1ElPUQks5rO8EKgaJpZM4Lak9r .
docker run --network host ...
doesn't use NAT. Please refer to the Docker documentation.
That is true. Now one last question. If I am using the gateway asdress, what would be the IP address for the client to access the host? If I use the outside ip, it would use the real route to get there. Would I use eth0 of the container or use the docker0 ip
--Tracy On Wed, Jan 4, 2017 at 11:47 AM Kyle Manna notifications@github.com wrote:
docker run --network host ... doesn't use NAT. Please refer to the Docker documentation.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/kylemanna/docker-openvpn/issues/197#issuecomment-270420599, or mute the thread https://github.com/notifications/unsubscribe-auth/AXwt9WZVRRB6egAj7N8U7U9vh6yZRoNeks5rO800gaJpZM4Lak9r .
If you're talking about ovpn_genconfig
then you should always use the external facing IP so that the clients get properly generated certificates.
Sorry if this seems a little off, i downloaded your docker image and got it working but was wondering if there is a way of doing something. Is there a way for the clients once they connect to the container to be routed between the container and the host without doing a nat masquerade or is that a limitation of docker? Basically i wanted to be able to ping the vpn subnet from the host and ping the host ip from the server subnet
--Tracy