toyah 0 Posted ... Hi, Ubuntu 17.10AirVPN 2.13.6, running through Eddie When I try to start my app in Docker using "docker-compose up", I get an error: ERROR: could not find an available, non-overlapping IPv4 address pool among the defaults to assign to the network If I disable network lock and stop Eddie, Docker will start up just fine. After Googling I found a possible explanation and solution in https://stackoverflow.com/questions/45692255/how-make-openvpn-work-with-docker.With my minimal VPN and network knowledge I'm unable to judge if this is a valid and safe solution. Can anyone knowledgeable comment on this solution? Quote Share this post Link to post
Staff 9971 Posted ... After Googling I found a possible explanation and solution in https://stackoverflow.com/questions/45692255/how-make-openvpn-work-with-docker.With my minimal VPN and network knowledge I'm unable to judge if this is a valid and safe solution. Can anyone knowledgeable comment on this solution? Hello, it looks very unsafe. The script removes the tunneling routes to the VPN gateway, so your system traffic will not be necessarily tunneled over AirVPN. Comment by grisha explains the problem as well. Kind regards Quote Share this post Link to post
toyah 0 Posted ... Ok, if it looks unsafe to you I won't apply it I'm not sure how to configure grisha's proposal... I suddenly had a bright moment.Docker uses 172.0.0.0/24 for networking.The "ip route" command shows that the two apps in my Docker container use 172.17.0.0/16 and 172.18.0.0/16.I'm ok if traffic to and from these apps don't go through VPN. So I added 172.17.0.0/16 and 172.18.0.0/16 to Routes with destination 'Outside the VPN tunnel'.And that works!Almost...It fails when I activate Network Lock, as Docker tries to append to iptables... So I guess I can't run Docker when I also want network lock Quote Share this post Link to post
toyah 0 Posted ... Nope...I'm still unable to run Docker with active Network Lock. Quote Share this post Link to post
p1pb0y 0 Posted ... This worked for me, with network lock: https://stackoverflow.com/a/57152380 Debian 11 Docker-compose 1.25.0 Quote Share this post Link to post
toyah 0 Posted ... Nice, tx for posting! Not working with Docker right now, but when I pick it up again I'll try it out. Quote Share this post Link to post
p1pb0y 0 Posted ... No problem. A bit of a hassle with multi-container setup, you will need to use the legacy --link option, as described in the docker docs at https://docs.docker.com/network/drivers/bridge/ But better than any other options I could find Quote Share this post Link to post
Not connected, Your IP: 3.145.177.173
Online: 25101 users - 299177 Mbit/s total BW