⬅️ **[[Docker]] | [[AdGuard]] | [[Linux-Network]]**

***

# Docker AdGuard container with macvlan network as DHCP server

> [!info] ✅ Active since 2024-01-28

- **Docs**
    - [Docker · AdguardTeam/AdGuardHome Wiki](https://github.com/AdguardTeam/AdGuardHome/wiki/Docker)
    - [DHCP · AdguardTeam/AdGuardHome Wiki](https://github.com/AdguardTeam/AdGuardHome/wiki/DHCP)
    - [Clients · AdguardTeam/AdGuardHome Wiki](https://github.com/AdguardTeam/AdGuardHome/wiki/Clients#idclient)
- **Docker Compose** `network_mode: "host"` was not used, because otherwise all of the container's ports would have had to be available on the host
    - Collision with ports 80, 443 (nginx), 68 (dhcp client)
- **macvlan troubleshooting:**
    - ==Error:== `failed to create the macvlan port: operation not supported.`
    - [docker: Error response from daemon: failed to create the macvlan port: operation not supported. : selfhosted](https://www.reddit.com/r/selfhosted/comments/rdjlup/docker_error_response_from_daemon_failed_to/)
    - Install the missing package for macvlan with `apt-get install linux-modules-extra-raspi` and **reboot**

## docker-compose.yml

- Sources
    - [Wie man AdGuard Home via Docker installiert! -](https://homelabtopia.com/wie-man-adguard-home-via-docker-installiert/)
    - [MACVLAN über Portainer einrichten – smarthome.buanet.de](https://smarthome.buanet.de/2020/09/macvlan-ueber-portainer-einrichten/)
- Docker container and macvlan configuration

```yml
version: '3.9'
services:
  # ...
  03-adguardhome-dhcp:
    image: adguard/adguardhome:latest
    container_name: 03-adguardhome-dhcp
    # On the macvlan network the container is reached directly on its own IP
    # (192.168.42.200); every port it listens on is exposed to the LAN.
    ports:
      - "53:53/tcp" # unencrypted DNS
      - "53:53/udp" # unencrypted DNS
      - "67:67/udp" # DHCP
      - "68:68/udp" # DHCP
      - "80:80/tcp" # admin web interface & DNS over HTTPS
      - "443:443/tcp" # admin web interface & DNS over HTTPS
      - "443:443/udp" # admin web interface & DNS over HTTPS
      - "3000:3000/tcp" # initial setup
      - "853:853/tcp" # DNS over TLS
      - "853:853/udp" # DNS over QUIC
      - "784:784/udp" # DNS over QUIC
      - "8853:8853/udp" # DNS over QUIC
      - "5443:5443/tcp" # DNSCrypt
      - "5443:5443/udp" # DNSCrypt
    volumes:
      - '~/docker-data/adguard-dhcp/workdir:/opt/adguardhome/work'
      - '~/docker-data/adguard-dhcp/confdir:/opt/adguardhome/conf'
    restart: unless-stopped
    networks:
      dockervlan:
        ipv4_address: 192.168.42.200 # IP address inside the defined range
  # ...

networks:
  default:
    driver: bridge
  home-pi-nw:
  dockervlan:
    name: dockervlan
    driver: macvlan
    driver_opts:
      parent: eth0 # using ifconfig
    ipam:
      config:
        - subnet: "192.168.42.0/24"
          #ip_range: "192.168.42.200"
          gateway: "192.168.42.1"
          #aux_addresses:
            #net-address: 192.168.42.200
```

## Pi Host macvlan bridge

> - By default, the host and a Docker container on a macvlan network cannot communicate with each other.
> - This is needed for the Nginx proxy on the Linux host (as of 2024-01).
> - A macvlan bridge needs to be configured on the host, followed by a route to the container address.

- Sources:
    - https://www.linuxtechi.com/create-use-macvlan-network-in-docker/
    - https://stackoverflow.com/questions/49600665/docker-macvlan-network-inside-container-is-not-reaching-to-its-own-host
    - https://blog.oddbit.com/post/2018-03-12-using-docker-macvlan-networks/

### Non-persistent

```sh
# show the IP configuration
ip addr

# show the routes
mauritz@home-pi:~$ ip route
default via 192.168.42.1 dev eth0 proto static
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
172.18.0.0/16 dev br-10a293988250 proto kernel scope link src 172.18.0.1
172.19.0.0/16 dev br-a8e60327fea5 proto kernel scope link src 172.19.0.1
192.168.42.0/24 dev eth0 proto kernel scope link src 192.168.42.100

# create a macvlan interface
sudo ip link add tobi-net link eth0 type macvlan mode bridge

# assign a unique IP to the interface
# Make sure to reserve this IP on your router.
sudo ip addr add 192.168.42.250/32 dev tobi-net

# bring up the macvlan interface
sudo ip link set tobi-net up

# add a route over this network to a specific IP
# <IP>/32 -> exact IP
sudo ip route add 192.168.42.200/32 dev tobi-net

# A range of IPs could be defined instead.
# This should be considered when more containers need to be added to the Docker macvlan.

# [Pi] <----> [macvlan bridge tobi-net] <---> [Container / IP Range]
```

### Persistent with netplan

> Source: comment from https://blog.oddbit.com/post/2018-03-12-using-docker-macvlan-networks/

Using Ubuntu's netplan, we can make it persistent. The below is an IP address range example for the numbers 192.168.1.96 through 192.168.1.127, also known as the 192.168.1.96/27 network.

Additional Notes:

- IP addresses from 192.168.1.128 onward are assigned automatically by my router's DHCP server.
- I manually assigned 192.168.1.1 - 192.168.1.95 for local servers, managed switches, printers, etc.
- Tested on Ubuntu Server 20.04

`/etc/netplan/01-netcfg.yaml`

```yml
network:
  version: 2
  renderer: NetworkManager
  ethernets:
    # Set Static IP 192.168.1.10, and disabled DHCP for ipv4 and ipv6.
    eno1:
      dhcp4: no
      addresses:
        - 192.168.1.10/24
      gateway4: 192.168.1.1
      nameservers:
        addresses: [127.0.0.1, 1.1.1.1]
      dhcp6: no
  bridges:
    mynet-shim:
      interfaces: [eno1]
      addresses: [192.168.1.127/32]
      routes:
        - to: 192.168.1.96/27
          via: 192.168.1.127
  vlans:
    mynet-shim-macvlan:
      link: mynet-shim
      macvlan:
        mode: bridge

#################################################################################
#################################################################################
### home-pi 2024-02-01
network:
  version: 2
  ethernets:
    eth0:
      #dhcp4: true
      dhcp4: false
      addresses: [192.168.42.100/24]
      routes:
        - to: default
          via: 192.168.42.1
      nameservers:
        addresses: [94.140.14.49, 94.140.14.59]
  bridges:
    home-bridge:
      interfaces: [eth0]
      addresses: [192.168.42.250/32]
      macaddress: c6:2a:89:5e:d3:63
      routes:
        # .193 - .206 (the usable hosts of 192.168.42.192/28)
        - to: 192.168.42.193/28
        #- to: 192.168.42.200/32
          via: 192.168.42.250
  vlans:
    home-brdige-macvlan:
      link: home-bridge
      macvlan:
        mode: bridge
```

The preceding achieves the same results with ip commands:

```sh
ip link add mynet-shim link eno1 type macvlan mode bridge
ip addr add 192.168.1.127/32 dev mynet-shim
ip link set mynet-shim up
ip route add 192.168.1.96/27 dev mynet-shim
```
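
The address plan above (subnet, gateway, host, shim and container IPs, and the route to the containers) can be checked for consistency before it is applied. This is an added example, not part of the original note or of any referenced project; the function name `check_macvlan_plan` and the `PLAN` dictionary are hypothetical, and the addresses are the home-pi values from this note.

```python
import ipaddress

def check_macvlan_plan(subnet, gateway, host_ip, shim_ip, container_ips, route_to):
    """Return a list of problems in a macvlan + host-shim address plan (empty = OK)."""
    problems = []
    net = ipaddress.ip_network(subnet)
    named = [("gateway", gateway), ("host", host_ip), ("shim", shim_ip)]
    named += [("container", ip) for ip in container_ips]
    named = [(name, ipaddress.ip_address(ip)) for name, ip in named]

    # Every address must sit inside the macvlan subnet and be used only once.
    seen = {}
    for name, addr in named:
        if addr not in net:
            problems.append(f"{name} {addr} is outside {net}")
        if addr in seen:
            problems.append(f"{name} {addr} collides with {seen[addr]}")
        seen.setdefault(addr, name)

    # The route target must be a network address: no host bits set.
    iface = ipaddress.ip_interface(route_to)
    route = iface.network
    if iface.ip != route.network_address:
        problems.append(f"route {route_to} has host bits set, network is {route}")
    if not route.subnet_of(net):
        problems.append(f"route {route} is not inside {net}")

    # The host reaches a container through the shim only if the route covers it.
    for name, addr in named:
        if name == "container" and addr not in route:
            problems.append(f"container {addr} is not covered by route {route}")
    return problems


# Values from the note (home-pi); the second route is the /28 from the netplan file.
PLAN = dict(subnet="192.168.42.0/24", gateway="192.168.42.1",
            host_ip="192.168.42.100", shim_ip="192.168.42.250",
            container_ips=["192.168.42.200"])

if __name__ == "__main__":
    for route_to in ("192.168.42.200/32", "192.168.42.193/28"):
        print(route_to, check_macvlan_plan(route_to=route_to, **PLAN) or "OK")
```
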