mynetworks_style -> subnet within containers

Tue, 13 Dec 2022 21:29:30 -0800 

Hello postfix experts:
So today I finished my initial setup of docker with different containers running different email services. There's a container for postfix, one for dovecot, one for fetchmail, one for postfixadmin, etc.
The networking is basically bridged from every container to the outside. In fact, I didn't set this manually, as docker-compose automatically creates a network for all its components. The binding is strictly with localhost. The outside world accesses the containers through tcp forwarding with HAProxy, which binds to the required ports in the containers (143, 587, etc). The command `docker ps` shows the bindings for postfix: 


127.0.0.1:3725->25/tcp, 127.0.0.1:37465->465/tcp, 127.0.0.1:37587->587/tcp
In order to give other containers easy access to postfix (like fetchmail, for example, to deliver fetched emails), I chose the setting: 


mynetworks_style = subnet
The rationale behind this is that (in my head, and that's why I'm asking here since I'm no expert), is that everything in the subnet, i.e., the containers, should consider each other "mynetwork". Does that make sense? 


Within the postfix container, this is what ifconfig returns:


```

# ifconfig -a
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.30.0.3  netmask 255.255.0.0  broadcast 172.30.255.255
        ether 02:42:ac:1e:00:03  txqueuelen 0  (Ethernet)
        RX packets 434  bytes 57106 (55.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 427  bytes 133987 (130.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 72  bytes 6173 (6.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 72  bytes 6173 (6.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

```


Other containers seem to share the same subnet with that subnet mask.
Please let me know whether I'm reasoning correctly about this and whether it's right to choose that setting (and, also, whether I missed something in my setup, if obvious). 


Best regards,

Sam

Reply via email to