Separate IP for docker containers on Synology NAS

pascalbelgium · September 13, 2021, 9:35am

Hi,
I have some docker containers running on my Synology …
I now access these through my NAS IP and add a port pointing to the specific docker container …
But I would like to give each docker container it’s own IP address (even each on a different VLAN), so I can isolate these dockers from the rest of my LAN and my NAS when opening them up to the internet …
I already do this with VM’s on my XCPng server, but I would also like to do this with my docker containers on my Synology NAS …
Can this be done ?
how ?
When the docker containers have their own IP (on their own VLAN), I could tell PFsense to grant isolated access to them from outside WITHOUT any danger of network hopping or any other danger … right ?
Cheers
Pascal

Spectre · September 13, 2021, 10:07am

I have found some guides online where you create a new file and you specify a new vlan. Then you assign this VLAN to a container. Unfortunately these guides have not worked in my case.

tbigs2011 · September 21, 2021, 1:55am

Hi Guys,
I just had the displeasure of setting a syncthing docker up on my Synology NAS last night and while scrolling through the forums I noticed this post. I am happy to give you all a hand here. I too wanted the syncthing container to use a specific ip address on a seperate vlan than the Synology NAS.

The post that Spectre posted above is almost right but the command they advise to use to create the network is incorrect. I found this article that shows the correct command. Specifically it calls out the use of an actual ip address.

To run this command you have to SSH into the Synology from the default admin account.

sudo docker network create --driver=macvlan --gateway=<gateway-ip-here> --subnet=<subnet-here>/24  --ip-range=<container-ip-address-here>/32 --o parent=ovs_eth0.<vlan-number-here> <network-name-goes-here>

After you add the docker network you’ll need to reboot the NAS.
Once it reboots sign into the NAS, open the docker app, navagate to the Network tab on the docker app.
Highlight the new network that shows up and click the Manage button on the ribbon.
Click the drop down menu and choose the docker container in question.
Start up the container.