
Host IP not reachable for network_mode=host

Open iqbalaydrus opened this issue 4 years ago • 2 comments

My compose config:

  vpn_client:
    image: dperson/openvpn-client
    privileged: true
    command: -D
    network_mode: host
    environment:
      TZ: Asia/Jakarta
    volumes:
      - ./openvpn:/vpn

Doing this, I can't reach the host IP when I'm in another container.

xx@xx:~$ docker run --rm alpine ping 192.168.210.124
PING 192.168.210.124 (192.168.210.124): 56 data bytes
^C
--- 192.168.210.124 ping statistics ---
4 packets transmitted, 0 packets received, 100% packet loss

My routing information:

default via 192.168.210.253 dev eth0 
10.0.0.0/8 via 192.168.100.1 dev tun0 
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown 
172.18.0.0/16 dev br-b0a0f286b549 proto kernel scope link src 172.18.0.1 
192.168.100.0/24 dev tun0 proto kernel scope link src 192.168.100.2 
192.168.210.0/24 dev eth0 proto kernel scope link src 192.168.210.124 

Interface information:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:16:3e:01:66:5a brd ff:ff:ff:ff:ff:ff
    inet 192.168.210.124/24 brd 192.168.210.255 scope global dynamic eth0
       valid_lft 315355894sec preferred_lft 315355894sec
    inet6 fe80::216:3eff:fe01:665a/64 scope link 
       valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:9b:e5:75:04 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:9bff:fee5:7504/64 scope link 
       valid_lft forever preferred_lft forever
6: br-b0a0f286b549: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:6f:2c:ce:c0 brd ff:ff:ff:ff:ff:ff
    inet 172.18.0.1/16 brd 172.18.255.255 scope global br-b0a0f286b549
       valid_lft forever preferred_lft forever
    inet6 fe80::42:6fff:fe2c:cec0/64 scope link 
       valid_lft forever preferred_lft forever
8: vethcdb8a04@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-b0a0f286b549 state UP group default 
    link/ether 12:06:d1:84:be:b3 brd ff:ff:ff:ff:ff:ff link-netnsid 1
    inet6 fe80::1006:d1ff:fe84:beb3/64 scope link 
       valid_lft forever preferred_lft forever
14: veth351dea7@if13: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-b0a0f286b549 state UP group default 
    link/ether d6:ea:ad:3d:31:e0 brd ff:ff:ff:ff:ff:ff link-netnsid 2
    inet6 fe80::d4ea:adff:fe3d:31e0/64 scope link 
       valid_lft forever preferred_lft forever
20: veth7da281e@if19: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-b0a0f286b549 state UP group default 
    link/ether 26:2a:2b:cc:37:bf brd ff:ff:ff:ff:ff:ff link-netnsid 3
    inet6 fe80::242a:2bff:fecc:37bf/64 scope link 
       valid_lft forever preferred_lft forever
26: vetha697a9b@if25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-b0a0f286b549 state UP group default 
    link/ether 1a:9f:5b:ef:98:90 brd ff:ff:ff:ff:ff:ff link-netnsid 4
    inet6 fe80::189f:5bff:feef:9890/64 scope link 
       valid_lft forever preferred_lft forever
34: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
    link/none 
    inet 192.168.100.2/24 brd 192.168.100.255 scope global tun0
       valid_lft forever preferred_lft forever
    inet6 fe80::d23f:8927:6c45:b83f/64 scope link stable-privacy 
       valid_lft forever preferred_lft forever

I can do a workaround by executing this in the vpn container:

bash-5.0# ip rule del from 192.168.210.124 lookup 10

Not sure if this is an issue or a misconfiguration on my side.

iqbalaydrus, Aug 12 '20 11:08
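
Added example, not part of the original issue: a small Python model of Linux policy routing that shows how a `from 192.168.210.124 lookup 10` rule can take the host's replies to a bridge container out of the main table, and what deleting the rule changes. The main-table routes come from the issue; the contents of table 10, the rule priorities and the container address 172.17.0.2 are assumptions, since the issue does not show them.

```python
import ipaddress

# Main table: routes copied from the issue's "My routing information" output.
MAIN = [
    ("0.0.0.0/0", "eth0"),
    ("10.0.0.0/8", "tun0"),
    ("172.17.0.0/16", "docker0"),
    ("172.18.0.0/16", "br-b0a0f286b549"),
    ("192.168.100.0/24", "tun0"),
    ("192.168.210.0/24", "eth0"),
]
# ASSUMPTION: the issue never shows table 10; a lone default route is constructed here.
TABLE_10 = [("0.0.0.0/0", "eth0")]
TABLES = {"main": MAIN, "10": TABLE_10}

# Policy rules as (priority, source selector or None, table). The "from" rule is the
# one the issue deletes; both priorities are constructed.
RULES = [(32765, "192.168.210.124", "10"), (32766, None, "main")]

def lookup(table, dst):
    """Longest-prefix match in one table; returns the output device or None."""
    dst = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), dev) for p, dev in table
            if dst in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def egress(src, dst, rules=RULES):
    """Walk rules by priority; the first matching rule whose table has a route decides."""
    for _prio, selector, table in sorted(rules):
        if selector is not None and \
                ipaddress.ip_address(src) not in ipaddress.ip_network(selector):
            continue
        dev = lookup(TABLES[table], dst)
        if dev is not None:
            return table, dev
    return None, None

def without_rule(rules, selector, table):
    """Model of `ip rule del from <selector> lookup <table>`."""
    return [r for r in rules if (r[1], r[2]) != (selector, table)]

if __name__ == "__main__":
    # Echo reply from the host IP to a container on docker0 (constructed address).
    reply = ("192.168.210.124", "172.17.0.2")
    print("with rule:   ", egress(*reply))
    print("rule deleted:", egress(*reply, rules=without_rule(RULES, "192.168.210.124", "10")))
```

On the real host, `ip rule show` and `ip route show table 10` give the actual rule list and table contents to substitute for the constructed ones.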