Configure Duel Ethernet NAS using Docker.
Configure Duel Ethernet NAS using Docker.
You're setting up a clear separation between your main network and the IoT network. To run devices like Philips Hue in Docker containers on the NAS while restricting them to the IoT network, you'd need to configure network policies or use a service mesh. This way, containers on the NAS would only communicate within the IoT network, while still allowing access to other services like Minecraft on the main network. It’s feasible with careful setup but requires understanding of your NAS and container orchestration tools.
They don't explain the exact method, but you can achieve this. I have one IP address and the filewall controls which subnets can access services on their server. You can also set routes individually for each program, container, or VM.
No subnets are linked via a router. Synology does not support assigning IP addresses directly within the Docker container.
I’m connected to a UniFi network, with the IoT network restricted to a single VLAN and access only to other devices within that VLAN and the internet.
You're facing an issue with linking containers to the right network adapter. That's the main hurdle you need to overcome.
OK so think I may have a way to do this.... want thoughts though, so discovered that I can change firewall rules per NIC, so right now I have it de so that on NIC 1 (main network) everything is blocked unless specified, and I can designate specific docker images as part of that, and NIC 2 (IOT network) is by default set to allow all port if the port is in use with all the items allowed on NIC 1 blocked on NIC 2.
Wouldn't it be simpler to handle the firewall on the router rather than the NAS? Also, I'd prefer a different hypervisor here that offers superior network management; Synology isn't recognized for being a strong hypervisor.