Here I have some (slightly maybe different) questions, but related to each other, therefore I prefered to ask them in one question.
I have been trying to allow my OpenVPN clients (OpenVPN is setup in bridge mode) to connect to Docker containers.
As known, Docker containers are all connected with each other via a bridge (
docker0 bridge or what ever).
I always used to use my own bridge (
br0) on my home server, where I setup Docker to use that bridge (
br0), and I bridge OpenVPN interface (
tap0) on that bridge, and my physical interface (
eth0), which is connected via LAN to my home router.
And that always worked for me and all OpenVPN clients were always able to access each Docker container bridged on
br0 (both OpenVPN clients and Docker containers have IPs in my LAN range).
A couple of days ago I rent a VPS, where my physical interface is directly connected to internet (it has unique public IP).
I did the same as before (setting Docker up to use my
br0 for all containers) and I bridged OpenVPN
The problem I faced, is that my OpenVPN client was NOT able to ping or access any of Docker's containers, (the containers were able to ping and access other Docker's containers, but NOT OpenVPN client), and the clients were NOT able to ping each other as well.
Does that have anything to that I have no physical interface bridged? If yes I was wondering why should I bridge the a interface of my server (connected to any router via LAN maybe) in addition to OpenVPN TAP interface to get a functional OpenVPN in bridge mode?
And that problem raised a another related question in my mind: as long as the clients are anyway part of
tap0 interface, why cannot they simple access each other without going for some reason out of TAP interface. What is the role playing by my physical interface?
If my problem was really because of there is no physical interface bridged, how can I get OpenVPN to be fully functional in bridge mode with out that physical interface (or at least maybe any solution for that as long as my physical interface is connected directly to internet without any LAN)?
I hope that some one can help me to get that OpenVPN to work