Static route issue: Access problems with some containers (ipvlan L3)

Started by catapimba, June 25, 2024, 01:24:52 AM

I have a Docker host where I defined an ipvlan L3 network with a subnet of 192.168.95.0/24. I then created containers with specific IPs within this network. On OPNsense, I configured a gateway pointing to my Docker host and a static route for the 192.168.95.0/24 network.

I can ping all the containers and access my MSSQL container, but I can't access other containers like MariaDB, NGINX, and phpMyAdmin. Interestingly, if I change them to Docker's default network, they become accessible again. I suspect firewall rules might be blocking traffic on specific ports, but I cannot add rules for this subnet, right? I also enabled the OPNsense advanced firewall option "Bypass firewall rules for traffic on the same interface," but that didn't make a difference either.

Any help is appreciated.

Hey,

Random question, but are your containers also unable to access the internet via the gw? If yes, and the firewall log shows state violations, that's probably related to your issue.

Sorry for only replying today. It was actually a misconfiguration in my Docker's ipvlan.