3.6 KiB
3.6 KiB
Proxmox Configuration Analysis
Date: 2026-01-21
Container: 10233 (npmplus) on r630-01
Configuration Confirmed
Container Status
- Status: ✅ Running (Uptime: 3 days 18:11:51)
- Node: r630-01
- Unprivileged: Yes
- Resources: Healthy (CPU: 1.18%, Memory: 37.14%)
Network Configuration
The container has TWO network interfaces:
Interface 1: net0 (eth0)
- IP Address:
192.168.11.166/24(static) - IPv6:
fe80::be24:11ff:fe18:1c5d/64(dynamic) - Bridge: vmbr0
- VLAN: 11
- Gateway: 192.168.11.1
- Firewall: No (Proxmox firewall disabled)
- Status: ❌ NOT ACCESSIBLE (Connection refused)
Interface 2: net1 (eth1)
- IP Address:
192.168.11.167/24(static) - IPv6:
fe80::be24:11ff:fe5b:50d9/64(dynamic) - Bridge: vmbr0
- Firewall: No (Proxmox firewall disabled)
- Status: ✅ ACCESSIBLE (HTTP 308/200)
Issue Confirmed
Problem:
- Container is configured with IP
192.168.11.166(net0/eth0) - But NPMplus is only accessible on
192.168.11.167(net1/eth1) - UDM Pro port forwarding is likely configured for
192.168.11.166
Root Cause:
- Docker host network mode in LXC container with multiple interfaces
- NPMplus is binding to eth1 instead of eth0
- This is a known issue with Docker host networking in LXC containers
Solution Options
Option 1: Update UDM Pro Port Forwarding (Quick Fix - Recommended)
Change destination IP from 192.168.11.166 to 192.168.11.167
- Access UDM Pro Web UI
- Settings → Firewall & Security → Port Forwarding
- Find rules for
76.53.10.36:80/443 - Edit destination IP:
192.168.11.166→192.168.11.167 - Save and wait 30 seconds
Pros:
- Quick fix, no container changes
- No downtime
Cons:
- Uses secondary interface (may be confusing)
Option 2: Remove Secondary Network Interface (Clean Fix)
Remove net1 (eth1) from container:
ssh root@r630-01
pct set 10233 --delete net1
pct shutdown 10233
pct start 10233
Pros:
- Clean configuration (single IP)
- Matches expected configuration
Cons:
- Requires container restart
- May break if net1 is needed for other services
Option 3: Fix Docker Network Binding (Advanced)
Change Docker container to bridge network mode:
ssh root@r630-01
# Stop NPMplus
pct exec 10233 -- docker stop npmplus
pct exec 10233 -- docker rm npmplus
# Recreate with bridge network
pct exec 10233 -- docker run -d \
--name npmplus \
--restart unless-stopped \
--network bridge \
-p 80:80 \
-p 443:443 \
-p 81:81 \
-v /data/npmplus:/data \
-v /data/letsencrypt:/etc/letsencrypt \
zoeyvid/npmplus:latest
Pros:
- Proper network isolation
- Works correctly with LXC containers
Cons:
- Requires Docker container recreation
- May need to verify data volumes
Recommended Action
Immediate Fix: Update UDM Pro port forwarding to use 192.168.11.167
Long-term Fix: Consider removing net1 or fixing Docker network mode
Verification After Fix
# Test NPMplus direct access
curl -I http://192.168.11.167:80
curl -I https://192.168.11.167:443 -k
# Test external access (from tethering)
curl -I https://explorer.d-bis.org
# Test NPMplus → VMID 5000
ssh root@r630-01
pct exec 10233 -- curl -H "Host: explorer.d-bis.org" http://192.168.11.140:80
Summary
Current State:
- Container running with two IPs
- NPMplus accessible on 192.168.11.167, not 192.168.11.166
- Port forwarding likely pointing to wrong IP
Action Required:
- Update UDM Pro port forwarding destination to 192.168.11.167
Status: ⚠️ CONFIGURATION MISMATCH - Fix port forwarding