d-bis/explorer-monorepo
4
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
8380a36c673d98b50c25de762012acd386c0cc6a
explorer-monorepo/PROXMOX_CONFIGURATION_ANALYSIS.md

160 lines
3.6 KiB
Markdown
Raw Blame History

# Proxmox Configuration Analysis
**Date**: 2026-01-21
**Container**: 10233 (npmplus) on r630-01
---
## Configuration Confirmed
### Container Status
- **Status**: ✅ Running (Uptime: 3 days 18:11:51)
- **Node**: r630-01
- **Unprivileged**: Yes
- **Resources**: Healthy (CPU: 1.18%, Memory: 37.14%)
### Network Configuration
The container has **TWO network interfaces**:
#### Interface 1: net0 (eth0)
- **IP Address**: `192.168.11.166/24` (static)
- **IPv6**: `fe80::be24:11ff:fe18:1c5d/64` (dynamic)
- **Bridge**: vmbr0
- **VLAN**: 11
- **Gateway**: 192.168.11.1
- **Firewall**: No (Proxmox firewall disabled)
- **Status**: ❌ **NOT ACCESSIBLE** (Connection refused)
#### Interface 2: net1 (eth1)
- **IP Address**: `192.168.11.167/24` (static)
- **IPv6**: `fe80::be24:11ff:fe5b:50d9/64` (dynamic)
- **Bridge**: vmbr0
- **Firewall**: No (Proxmox firewall disabled)
- **Status**: ✅ **ACCESSIBLE** (HTTP 308/200)
---
## Issue Confirmed
**Problem**:
- Container is configured with IP `192.168.11.166` (net0/eth0)
- But NPMplus is only accessible on `192.168.11.167` (net1/eth1)
- UDM Pro port forwarding is likely configured for `192.168.11.166`
**Root Cause**:
- Docker host network mode in LXC container with multiple interfaces
- NPMplus is binding to eth1 instead of eth0
- This is a known issue with Docker host networking in LXC containers
---
## Solution Options
### Option 1: Update UDM Pro Port Forwarding (Quick Fix - Recommended)
**Change destination IP from 192.168.11.166 to 192.168.11.167**
1. Access UDM Pro Web UI
2. Settings → Firewall & Security → Port Forwarding
3. Find rules for `76.53.10.36:80/443`
4. Edit destination IP: `192.168.11.166``192.168.11.167`
5. Save and wait 30 seconds
**Pros**:
- Quick fix, no container changes
- No downtime
**Cons**:
- Uses secondary interface (may be confusing)
### Option 2: Remove Secondary Network Interface (Clean Fix)
**Remove net1 (eth1) from container**:
```bash
ssh root@r630-01
pct set 10233 --delete net1
pct shutdown 10233
pct start 10233
```
**Pros**:
- Clean configuration (single IP)
- Matches expected configuration
**Cons**:
- Requires container restart
- May break if net1 is needed for other services
### Option 3: Fix Docker Network Binding (Advanced)
**Change Docker container to bridge network mode**:
```bash
ssh root@r630-01
# Stop NPMplus
pct exec 10233 -- docker stop npmplus
pct exec 10233 -- docker rm npmplus
# Recreate with bridge network
pct exec 10233 -- docker run -d \
--name npmplus \
--restart unless-stopped \
--network bridge \
-p 80:80 \
-p 443:443 \
-p 81:81 \
-v /data/npmplus:/data \
-v /data/letsencrypt:/etc/letsencrypt \
zoeyvid/npmplus:latest
```
**Pros**:
- Proper network isolation
- Works correctly with LXC containers
**Cons**:
- Requires Docker container recreation
- May need to verify data volumes
---
## Recommended Action
**Immediate Fix**: Update UDM Pro port forwarding to use `192.168.11.167`
**Long-term Fix**: Consider removing net1 or fixing Docker network mode
---
## Verification After Fix
```bash
# Test NPMplus direct access
curl -I http://192.168.11.167:80
curl -I https://192.168.11.167:443 -k
# Test external access (from tethering)
curl -I https://explorer.d-bis.org
# Test NPMplus → VMID 5000
ssh root@r630-01
pct exec 10233 -- curl -H "Host: explorer.d-bis.org" http://192.168.11.140:80
```
---
## Summary
**Current State**:
- Container running with two IPs
- NPMplus accessible on 192.168.11.167, not 192.168.11.166
- Port forwarding likely pointing to wrong IP
**Action Required**:
- Update UDM Pro port forwarding destination to 192.168.11.167
**Status**: ⚠️ **CONFIGURATION MISMATCH** - Fix port forwarding
Reference in New Issue View Git Blame Copy Permalink