36
submitted 11 hours ago* (last edited 53 minutes ago) by xana@lemmy.zip to c/selfhosted@lemmy.world

Hi TCP users,

Currently, I have a homelab server that runs Jellyfin with direct access to local media content and a reverse proxy pointing to it. While it works well for people in Europe (where the server is), it is quite slow for some of my friends who are living in Asia. I have some options in mind:

  • Hire a VPS in Asia and set up another Jellyfin instance there. This works but I don't really want to have two Jellyfin instances with two databases, and also accessing local media content will be cumbersome to manage.
  • Hire a VPS in Asia and set up a CDN, but I am not sure if it will ever work with Jellyfin?

So I would like to ask: do you know anything about this, and do you have any ideas to improve this situation?

Thank you very much!


Edit: Thanks for all of your responses. Based on my experience, I think the slowness is caused by the fact that there are too many hops to jump through before reaching the final client. So I think I will try to do several things:

  • Try to optimize my upload speed, it is fast enough but not very stable recently so it could have some impact
  • Set up a second Jellyfin instance and sync a part of my library there for my friends.

Edit: Slow here means both slow page loading and slow buffering.

[-] xana@lemmy.zip 2 points 1 week ago

I took the same approach with pulumi and now I have a fully declarative but flexible homelab configuration: https://github.com/vnghia/homelab

[-] xana@lemmy.zip 1 points 2 months ago

This is also one reason why I am hesitant about a NAS. They might run on their own OS and have their own private format, while I don't want to be vendor locked in to any ecosystem.

[-] xana@lemmy.zip 2 points 2 months ago

This is an interesting option but the main drawback is it is too big for my place currently. But I will absolutely consider it in the future

[-] xana@lemmy.zip 1 points 3 months ago

Thank you very much for your response!

[-] xana@lemmy.zip 1 points 3 months ago

Thank you very much for your reply but this is not really what I need. Please see the edit for more context :D

47
submitted 3 months ago* (last edited 3 months ago) by xana@lemmy.zip to c/selfhosted@lemmy.world

Hello selfhosters,

I have two ip routes on my selfhosted server:

  • The first and default one is routing through my ISP router.
  • The second one is a Wireguard connection that is imported and managed via Network Manager with the below options so it does not interfere with the default route.
sudo nmcli con modify wg ipv4.never-default true
sudo nmcli con modify wg ipv6.never-default true
sudo nmcli con modify wg ipv6.routes '::/0'
sudo nmcli con modify wg ipv6.route-metric 1000

I could test this setup with

curl ifconfig.me # IP from ISP
curl --interface wg ifconfig.me # IP of the VPN

Right now I would like to tell docker to create a bridge network that routes outgoing traffic from that bridge network through the second (the VPN) route but I am struggling to do it.

I've tried to do this

docker network create vpn-net -o com.docker.network.host_ipv4=10.x.y.z # VPN inet obtained via ip addr show

but it does not work.

Do you have any suggestions about it? Thank you very much!

Edit to provide more context:

Currently, what I am doing is adding network_mode: gluetun to all the containers that need to access the internet: linkwarden, my arr stacks, qbit, IRC client, etc. This works great but it makes me paranoid because there is no isolation anymore, i.e. qbit could access (or at least ping) linkwarden's database since they are all in the same VPN network.

Therefore, I want to have more isolation between services: each service has its own bridge network so no other container could access the resources inside that network. I am thinking about running a VPN for each service but that sounds absurd, and also there is a limit of 5 devices so it is quite annoying to do this.

That's why I am asking whether there is any way to tell a docker bridge network to use a specific host interface instead. The reason why I don't run a machine-wide VPN is because for some services, I prefer that they have the highest network speed and don't have to deal with the VPN overhead (like qbit should have their own gluetun container with its own port forwarding).

Same reason why I don't use a macvlan or ipvlan network, because there is no isolation. Please correct me if I am wrong on this. Thank you :D
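Added example, not part of the original post: one common way to get what the post asks for is source-based policy routing on the host, so that each service keeps its own isolated bridge while only that bridge's subnet is routed through the wg interface. The subnet 172.30.0.0/24, bridge name br-vpn, table 200 and rule priority 1000 are assumed values, and the sketch covers IPv4 only.

```shell
#!/bin/sh
# Added example, not from the original post. Assumed values: subnet
# 172.30.0.0/24, bridge name br-vpn, routing table 200, rule priority 1000.

# Print the commands that send one Docker bridge's outbound IPv4 traffic
# through the VPN interface. Nothing is executed here; review the output,
# then pipe it to a root shell.
# usage: vpn_bridge_plan <network> <subnet-cidr> <bridge-if> <vpn-if> <table>
vpn_bridge_plan() (
    net=$1 subnet=$2 bridge=$3 vpn=$4 table=$5
    # Accept only a.b.c.d/8..32 so a typo such as 0.0.0.0/0 can never
    # become a rule that captures all of the host's traffic.
    cidr='^([0-9]{1,3}\.){3}[0-9]{1,3}/(8|9|[12][0-9]|3[0-2])$'
    if ! printf '%s\n' "$subnet" | grep -Eq "$cidr"; then
        echo "invalid subnet: $subnet" >&2
        exit 1
    fi
    cat <<EOF
# One bridge per service, with a fixed subnet and a predictable name.
docker network create --subnet $subnet -o com.docker.network.bridge.name=$bridge $net
# Dedicated table: traffic inside the bridge subnet stays on the bridge.
ip route add $subnet dev $bridge table $table
# Everything else from this table leaves through the VPN interface.
ip route add default dev $vpn table $table
# Fail closed: if the VPN route disappears, drop instead of using the ISP route.
ip route add blackhole default metric 4096 table $table
# Only packets sourced from the bridge subnet consult the table.
ip rule add from $subnet lookup $table priority 1000
EOF
)

# Print the plan for the assumed values when run directly with "plan".
if [ "${1:-}" = "plan" ]; then
    vpn_bridge_plan vpn-net 172.30.0.0/24 br-vpn wg 200
fi
```

The kernel removes the route through wg whenever that interface goes down, so the default route in table 200 has to be added again after a reconnect; until then the blackhole route keeps the bridge's traffic from falling back to the ISP route.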
