Debian9 - Ethernet configuration does not match about nordvpn HOT 7 CLOSED

Hello fellow french compatriot 🇫🇷

I think your problem is that you use Host networking and that this image hasn't been tailored for that.
I don't use OMV docker interface, I find it simpler to use raw docker compose files.

As long as your using bridge networking or macvlan, the ethernet name inside docker is eth0.
By using host network mode, you're exposing your real networks cards into docker.

I don't get the point of trying host networking, as ALL your OMV traffic would go through nordvpn. I think it's unlikely you really want with plex, as you cannot have port forwarding on nordvpn.

vpnclient:
    cap_add:
    - net_admin
    container_name: vpnclient
    dns:
    - 8.8.8.8
    - 8.8.4.4
    environment:
      CATEGORY: P2P
      COUNTRY: France
      NETWORK: 192.168.0.0/23
      PASS: PASSWORD
      PROTOCOL: openvpn_udp
      TZ: Europe/Paris
      USER: USERNAME
    expose:
    - 8112
    - 22
    - 80
    - 443
    image: azinchen/nordvpn
    networks:
      macnet0:
        ipv4_address: 192.168.0.210
    restart: unless-stopped
    security_opt:
    - label:disable
    stdin_open: true
    tmpfs:
    - /tmp
    tty: true
    volumes:
    - /dev/net:/dev/net:z

The macnet0 is an external network using macvlan driver to use a dedicated IP in my Lan environment (192.168.0.0/23 network), so I can connect to associated service using a real world ip without depending on NAT on a single ip already crowded by other services.

My other docker-compose that use nordvpn use this as network_mode: "container:vpnclient"
Thought it may fail upstart because of broken dependancies, it's easier to pull them all in the same docker-compose and use "depends_on" to avoid this.

If you really want to use network_mode: host, I guess you need more help that I can offer.

I guess the network name could be an .env variable and script that use network device name generated dynamically through sed or a template system ?

Any thoughts about this @azinchen ?

from nordvpn.

I agree, it is a bad idea to use Host networking with any VPN client images. VPN client creates own network environment, and it would be better to isolate it. (by setting Bridge networking).

from nordvpn.

I use macvlan on purpose because I prefer to organise my container that way for stuff that I don't wan't to NAT.
It also let me use my VPN containers as a router without a proxy with other computers ;)

from nordvpn.

I run it with similar condition and got no error.
I'm on Open Media Vault, based on debian 9.
I got multiple Ethernet card, but no eth0.
I just did a docker-compose pull and restarted but it works.

Did you add the /dev/net volume ?

from nordvpn.

Thanks for your reply.
That's great I'm also using OMV on debian 9.
Attached the screen shots of how I've configured the docker.
And each time I launched the docker, it removes a line in iptables and I have to recreate it :
iptables -I OUTPUT 4 -p all -o enp3s0 -j ACCEPT

from nordvpn.

The macnet0 is an external network using macvlan driver to use a dedicated IP in my Lan environment (192.168.0.0/23 network), so I can connect to associated service using a real world ip without depending on NAT on a single ip already crowded by other services.

It works Ok without macvlan on my server. Exclude 'networks' section at all from your compose file and change 'expose' section to 'ports'.

from nordvpn.

OK I've tried Bridge networking and all is ok now.
Thank you very much guys for the help from France :)
Sorry but I'm not used to docker.

from nordvpn.