EFP
ElfHosted / Funky Penguin11mo ago
wrathek

Traefik with containers on different network

I KNOW this has to be a dumb question, but I've been banging my head against the wall for days trying to get this to work. TL;DR, I have traefik running just fine for everything but my instance of adguard home, which I have on a vlan in host mode. When trying to connect to dns.website, traefik tells me "no route to host" on the IP (which I have defined in a dynamic configuration, so it knows the exact static IP & port). The reason this is driving me so insane, is I had this working 100% flawlessly, up until my server lost power a few days ago. Now, no matter what I do, I cannot get it to route correctly anymore. I've tried the obvious like adding adguard to the t2_proxy network that traefik and all other containers are on, via portainer, but then traefik gives a "connection refused" error when trying to route to the IP assigned in the proxy network. (Perhaps this is the correct route to chase down, but I'm just not sure what else to do to fix it). I've also tried adding traefik to the vlan in addition to t2_proxy, but then traefik FREAKS and I have to completely stop it and remove it from the container before anything works again. Please help! Nothing on the internet is leading me to a solution, and trust me, I've researched for literal hours every single day. yml's incoming next, post is too long.
8 Replies
wrathek
wrathekOP11mo ago
attching files here, apparently the main one is too much text lol. dns.yml = the dynamic config for ad-guard, dsm.yml is an example of one completely external to docker that I have working.
funkypenguin | ElfHosted
funkypenguin | ElfHosted11mo ago
Could it be asymmetric routing to the adguard instance? Can adguard be reached by DNS clients?
wrathek
wrathekOP11mo ago
It can indeed be reached by DNS clients, i have my router pointed at it granted, I have the IP pointed, so... maybe not?
funkypenguin | ElfHosted
funkypenguin | ElfHosted11mo ago
And you pointed Traefik to the same IP?
wrathek
wrathekOP11mo ago
Yes sir, the very same It’s like it knows to route to it, it just doesn’t know how. Is there an equivalent to an overlay network in standalone mode? Or someway to tell one bridge how to route to another? here's the log output line I get everytime: 
level=debug msg="'502 Bad Gateway' caused by: dial tcp 192.168.1.25:443: connect: no route to host"
level=debug msg="'502 Bad Gateway' caused by: dial tcp 192.168.1.25:443: connect: no route to host"
funkypenguin | ElfHosted
funkypenguin | ElfHosted11mo ago
are you explicitly assigning the /24s on your overlay networks?
wrathek
wrathekOP11mo ago
turns out it WAS a stupid question after all, thank goodness the t2_proxy address was the right rabbithole to chase down. turns out I simply needed to explicitly add that IP to adguard's config, which allows you to assign multiple IPs to listen to as soon as I did that it worked just like it should the changes that finally helped, for someone in the future (or myself when the power dying somehow messes this up again): in the dynamic config for adguard: 
  services:
    adguard-svc:
      loadBalancer:
        servers:
          - url: "https://192.168.30.17:443/"
  services:
    adguard-svc:
      loadBalancer:
        servers:
          - url: "https://192.168.30.17:443/"
AdGuardHome.yaml: 
dns:
  bind_hosts:
    - 192.168.1.25
    - 192.168.30.17
dns:
  bind_hosts:
    - 192.168.1.25
    - 192.168.30.17
(keeping the t2_proxy ip with the original port of 80 gave a tls handshake error)
funkypenguin | ElfHosted
funkypenguin | ElfHosted11mo ago
sweet!
Want results from more Discord servers?
Add your server