Fangtooth Apps and Multiple Nics

I have tried the following

eno2np1:
Alias One: 192.168.0.21/24
Alias Two: 192.168.0.142/24

and

eno2np1:
Nothing

br0:
Bridge to eno2np1
Alias One: 192.168.0.21/24
Alias Two: 192.168.0.142/24

Both work, both setups I can access the GUI via either IP address, but in my switch, 192.168.0.142 keeps vanishing, only 192.168.0.21 is persistent, so I don’t know what or how TrueNAS is handling this, and this is why I was trying to use 2 nics on the same subnet, I don’t want TrueNAS itself to use the second NIC at all, I want it isolated from TrueNAS, I only want Apps to use it, this is possible with VM’s like a hardware pass through or something.

TrueNAS seems to be still missing this feature, whatever trickery that TrueNAS is doing with multiple Alias addresses under one interface, is not working or playing nice with my Ubiquiti gear at all.

So now I have the traffic being routed through 192.168.0.142 but it’s invisible to my switch, there is magic data being used, but not being reported by any device, and when having a second alias added, Plex does not function to any of the devices in the house, even though I went in and assigned Plex to use the default 192.168.0.21 as this is what it has been using.

I have now had to revert everything back to one IP, so for me I’m chasing my own tail here, I’m just going to set up a separate machine for the apps I want on their own IP address.

The issue I see here, is that the GUI and all Apps should NOT be accessible from both IP addresses, they should ONLY be accessible through the first address assigned end of story, the second, third or however many there is, should be dead unless assigned to an App in the apps configuration, then that address should be active for that App only, very much like when using VM’s each VM is given its own IP on the network by the Hypervisor via your gateway’s DHCP server, this is what I’m used to, and I just don’t understand why these Docker containers can’t do the same.

To be blunt, there should be a check box in the App config, that says to create its own IP and isolate the App’s networking, then it can use DHCP and have your gateway assign it an IP, I would prefer this, I would be happy for most apps to have their own unique IP address, it allows me to work with them properly, by having them use the GUI’s IP but with a different port number can be problematic, and the port numbers in some cases are different to Docker’s expected port numbers, and some apps just won’t work at all, Plex for some reason will not work if I unselect “Host Network” all the devices in the house, around 6 ATV’s alone, will not connect to the server, they say unavailable, select “Host Network” and they all connect and work as expected.

I may end up moving TrueNAS back on top of Proxmox so I can run two separate instances and gain back control over the networking, as it seems the feature I’m looking for is just not doable in TrueNAS directly.

Right I’ve done it.

I now have both of my “real” nics connected.

I have the second nic connected to an isolated port that is dedicated to one of my VLANS, I have that VLAN routed through my VPN, I also selected “Host Network” in the app, and assigned the GUI port to use the primary NIC, and the download port assigned to the secondary NIC, and once the app (qBittorrent) I had to also in the advanced settings, assign it to use the second NIC as it was still trying to use the primary NIC, I now see it in my switch’s console, and I can see all internet traffic being routed through my VPN.

Also, I found, I had to lock down the GUI to the IP of the primary NIC, this I believe is quite important and doesn’t seem to be documented anywhere yet.

So to summarise:

App in question = qBittorrent

eno2np1 (Primary NIC): 192.168.0.21/24
This one is on my main network and is locked down for GUI access in the General settings

eno1np0 (Second NIC): 10.1.95.5/24
I have this connected to a fully isolated port that is assigned to only allow access to one vlan (10.1.96.0/24)

In the app config, set GUI access to 192.168.0.21 and set BT Port to 10.1.95.5

In the app’s GUI, go to settings → advanced and I set the following:

Then I created a rule in my Switch to divert all traffic from 10.1.95.5 to my VPN.

Job done.

If anyone is interested in how I set up the port on my Ubiquiti Switch:

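Added example, not part of the original post: a small Python check that the listeners really are bound the way the summary above describes, with the GUI ports only on 192.168.0.21 and the BitTorrent port only on 10.1.95.5. It parses `ss -H -tln` output; the port numbers (443, 8080, 6881) and the sample output are assumptions constructed for illustration.

```python
import ipaddress

# Addresses are the ones given in the post above; the port numbers are
# assumptions made for this example (substitute the ports you configured).
EXPECTED = {
    443: "192.168.0.21",   # TrueNAS GUI, locked to the primary NIC
    8080: "192.168.0.21",  # qBittorrent web UI
    6881: "10.1.95.5",     # BitTorrent port, second NIC only
}
WILDCARDS = {"0.0.0.0", "*", "::"}

# Constructed sample of `ss -H -tln` output, not captured from a real system.
SAMPLE_SS = """\
LISTEN 0 4096      0.0.0.0:443   0.0.0.0:*
LISTEN 0 128  192.168.0.21:8080  0.0.0.0:*
LISTEN 0 128     10.1.95.5:6881  0.0.0.0:*
LISTEN 0 128  192.168.0.21:6881  0.0.0.0:*
LISTEN 0 128          [::]:22       [::]:*
"""


def split_local(field):
    """Split the Local Address:Port column into (address, port)."""
    addr, _, port = field.rpartition(":")
    # Drop a %interface suffix and the brackets around IPv6 addresses.
    return addr.split("%", 1)[0].strip("[]"), int(port)


def audit(ss_output, expected=EXPECTED):
    """Return (port, address, reason) for listeners bound where they should not be."""
    findings = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue
        addr, port = split_local(cols[3])
        if port not in expected:
            continue
        if addr in WILDCARDS:
            findings.append((port, addr, "wildcard bind, reachable on every interface"))
        elif ipaddress.ip_address(addr) != ipaddress.ip_address(expected[port]):
            findings.append((port, addr, f"expected {expected[port]}"))
    return findings


if __name__ == "__main__":
    for port, addr, reason in audit(SAMPLE_SS):
        print(f"port {port} on {addr}: {reason}")
```

On a live system, feed it the real output of `ss -H -tln` instead of `SAMPLE_SS`; an empty result means every listed port is bound only to its intended address.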

Here is a little example with Portainer/docker compose on how to hook up a container to a MACVLAN interface using a specific NIC of your choice:

Thanks for the reply, I did try Portainer before all this, and I very quickly, uninstalled it, Docker is witchcraft to me, I struggle to grasp the concept of it, and Portainer just has too many things to understand and probably a lot to break, I just don’t have time to drill into it all, maybe when I’m on leave from work I can spend some time on a test system and get a better understanding of it all, I’m just so used to VM’s at this point, and time poor, any change to my network that breaks “Plex” will result in Wife + Kids screaming at me and I also work from home so I need my network to be solid and reliable.

I have accomplished what I wanted in the end, 2 Nics 1 Machine and forcing a particular app to use a specific nic, I understand this is not what a lot of others want or are trying to do, but this is what I wanted in the first place and I got there…eventually.

Hopefully my travels will help others that are trying to do something similar.

That’s if the system they’re on treats them both as the same thing, but not so if they are isolated from each other, this is just not the case with TrueNAS.

The network needs to see these nics as two completely separate devices, if one could be isolated and used on select apps only or say all of Docker containers, then having 2 nics on one system should not be an issue, well it has never been an issue for me in the past under Windows or Linux, but I assume TrueNAS is just not designed to work this way, and I want to stay in the bounds of what the devs of TrueNAS allow via the GUI.

I’m no expert, but this is the way I think it needs to work:

Single NIC receives a DHCP IP address, then creates 2 more bridge interfaces with different DHCP IP addresses, 1 for the GUI and services like SMB, the other for Apps, and TrueNAS does the switching for these additional interfaces, so your switch will see the first IP address as nothing more than a Layer 2 style switch, with 2 devices connected to it, I’m quite sure this is how a Hypervisor does it, you can choose to have interfaces visible to one another, or invisible.

All up, standard install should show up as 3 IP addresses in total

Main NIC (call it Switch): 192.168.0.20
br0 (call it GUI): 192.168.0.21
br1 (call it Apps): 192.168.0.22

Accessing 192.168.0.20 should give you nothing
Accessing 192.168.0.21 will give you the TrueNAS management interface, SMB and other service access
Accessing 192.168.0.22:3**** will give you access to the App GUI/Service/API/Whatever