Monday, 14 December 2020

Route traffic from host through a docker openvpn container

I am new to networking so I am trying this for the first time. I created an openvpn docker that connects to a VPN server. Running wget -q -O - https://api.myip.com inside the docker container confirms that the docker's network is appropriately connected to the VPN and that the IP is of the VPN server. Now I want to try to route host traffic through the docker container and achieve the same result outside the container where the host traffic uses the VPN connection of the docker. It's not really clear to me how to do this from a docker host <-> container relationship so I thought perhaps I can make use of the port mapping feature in docker and also stand up a web proxy in the docker to handle any http/https requests.

Therefore, I stood up squid and openvpn server inside the same docker and exposed port 3128 (since that is what squid is listening on). The wget command on the host becomes: wget -q -O - https://api.myip.com -e use_proxy=yes -e http_proxy=localhost:12345

But the tests show that the traffic is not going over the docker's vpn connection. Instead results show the communication is over the host's internet connection.

I run the container using the following Docker run command:

docker run --rm --cap-add NET_ADMIN --device /dev/net/tun --name vpn -it --sysctl net.ipv6.conf.all.disable_ipv6=0 -p 12345:3128 vpn-image

Is the above approach wrong? What is the best approach to route host traffic over multiple docker vpn connections?

The following resources indicate it's possible but offer their own solutions specific to their use case. It would be nice to have a Linux network tool like wget or curl that can help me debug/test my solution's progress.
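
An added diagnostic sketch for the test described in the question (not part of the original post): wget and curl choose the proxy setting by URL scheme, so an https:// URL is governed by https_proxy rather than http_proxy, and the script compares the egress IP seen directly with the one seen through the published squid port. The function names, the verdict strings and the `{"ip": ...}` response shape of api.myip.com are assumptions.

```sh
#!/bin/sh
# Added example: compare the host's egress IP with and without the container proxy.
PROXY="${PROXY:-http://localhost:12345}"       # host port published with -p 12345:3128
CHECK_URL="${CHECK_URL:-https://api.myip.com}" # IP echo service used in the post

# wget and curl pick the proxy setting from the URL scheme, not from the proxy's own scheme.
proxy_var_for_url() {
  case "$1" in
    https://*) echo "https_proxy" ;;
    http://*)  echo "http_proxy" ;;
    ftp://*)   echo "ftp_proxy" ;;
    *)         return 1 ;;
  esac
}

# Pull the "ip" field out of a JSON body (assumed shape: {"ip":"...","country":"..."}).
extract_ip() {
  sed -n 's/.*"ip"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

# Classify the result: $1 = IP seen directly, $2 = IP seen through the proxy.
verdict() {
  if [ -z "$2" ]; then
    echo "PROXY_FAILED"       # no answer through the proxy: port, squid or tunnel is down
  elif [ -z "$1" ]; then
    echo "NO_BASELINE"        # direct lookup failed, nothing to compare against
  elif [ "$1" = "$2" ]; then
    echo "SAME_EGRESS"        # proxy answered, but traffic leaves via the host's connection
  else
    echo "DIFFERENT_EGRESS"   # proxied traffic leaves from another address
  fi
}

main() {
  echo "setting consulted for $CHECK_URL: $(proxy_var_for_url "$CHECK_URL")"
  # --noproxy '*' ignores proxy environment variables; --proxy forces the explicit proxy.
  direct=$(curl -s --max-time 10 --noproxy '*' "$CHECK_URL" | extract_ip)
  proxied=$(curl -s --max-time 10 --proxy "$PROXY" "$CHECK_URL" | extract_ip)
  echo "direct:  ${direct:-<none>}"
  echo "proxied: ${proxied:-<none>}"
  verdict "$direct" "$proxied"
}

# Network calls happen only when asked for: ./egress-check.sh --run
if [ "${1:-}" = "--run" ]; then main; fi
```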
