Description
Setup Docker with IPv6 (tested on a fresh machine), where the IPv6 gateway is not at the traditional address. daemon.json with following content:
{
"storage-driver": "overlay2",
"ipv6": true,
"fixed-cidr-v6": "2001:41d0:1:dbc4::/56",
"default-gateway-v6": "2001:41d0:1:dbff:ff:ff:ff:ff"
}On the host:
ifconfig returns:
docker0 Link encap:Ethernet HWaddr 02:42:c1:7e:25:b4
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::1/64 Scope:Link
inet6 addr: 2001:41d0:1:db00::1/56 Scope:Global
inet6 addr: fe80::42:c1ff:fe7e:25b4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:91 errors:0 dropped:0 overruns:0 frame:0
TX packets:95 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:9003 (9.0 KB) TX bytes:9523 (9.5 KB)
eth0 Link encap:Ethernet HWaddr 00:25:90:50:d5:10
inet addr:91.121.154.196 Bcast:91.121.154.255 Mask:255.255.255.0
inet6 addr: fe80::225:90ff:fe50:d510/64 Scope:Link
inet6 addr: 2001:41d0:1:dbc4::1/56 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4152393 errors:0 dropped:0 overruns:0 frame:0
TX packets:288620 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:415777011 (415.7 MB) TX bytes:29767545 (29.7 MB)
Interrupt:16 Memory:fbce0000-fbd00000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:2368 errors:0 dropped:0 overruns:0 frame:0
TX packets:2368 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:365057 (365.0 KB) TX bytes:365057 (365.0 KB)
vethb9812af Link encap:Ethernet HWaddr 66:bb:f0:5b:71:f8
inet6 addr: fe80::64bb:f0ff:fe5b:71f8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:42 errors:0 dropped:0 overruns:0 frame:0
TX packets:60 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5327 (5.3 KB) TX bytes:5433 (5.4 KB)
vethf7f5125 Link encap:Ethernet HWaddr 32:d2:9f:d4:23:64
inet6 addr: fe80::30d2:9fff:fed4:2364/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:41 errors:0 dropped:0 overruns:0 frame:0
TX packets:64 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4302 (4.3 KB) TX bytes:6764 (6.7 KB)ip -6 route returns:
2001:41d0:1:dbff:ff:ff:ff:ff dev eth0 metric 1024 pref medium
2001:41d0:1:db00::/56 dev docker0 proto kernel metric 256 pref medium
2001:41d0:1:db00::/56 dev eth0 proto kernel metric 256 pref medium
2001:41d0:1:db00::/56 dev docker0 metric 1024 pref medium
fe80::/64 dev docker0 proto kernel metric 256 pref medium
fe80::/64 dev vethf7f5125 proto kernel metric 256 pref medium
fe80::/64 dev vethb9812af proto kernel metric 256 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
default via 2001:41d0:1:dbff:ff:ff:ff:ff dev eth0 metric 1024 pref medium
ip -6 addr returns:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2001:41d0:1:dbc4::1/56 scope global
valid_lft forever preferred_lft forever
inet6 fe80::225:90ff:fe50:d510/64 scope link
valid_lft forever preferred_lft forever
4: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP
inet6 2001:41d0:1:db00::1/56 scope global
valid_lft forever preferred_lft forever
inet6 fe80::42:c1ff:fe7e:25b4/64 scope link
valid_lft forever preferred_lft forever
inet6 fe80::1/64 scope link
valid_lft forever preferred_lft forever
8: vethf7f5125@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP
inet6 fe80::30d2:9fff:fed4:2364/64 scope link
valid_lft forever preferred_lft forever
10: vethb9812af@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP
inet6 fe80::64bb:f0ff:fe5b:71f8/64 scope link
valid_lft forever preferred_lft foreverThe gateway is at an address provided by my server provider/ISP and cannot be changed.
In a docker container:
executing ip -6 route returns:
2001:41d0:1:db00::/56 dev eth0 metric 256
fe80::/64 dev eth0 metric 256
default via 2001:41d0:1:db00:ff:ff:ff:ff dev eth0 metric 1024
unreachable default dev lo metric -1 error -101
ff00::/8 dev eth0 metric 256
unreachable default dev lo metric -1 error -101
executing ip -6 addr returns:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
7: eth0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 state UP
inet6 2001:41d0:1:db00::242:ac11:2/56 scope global flags 02
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe11:2/64 scope link
valid_lft forever preferred_lft foreverExecuting docker inspect {containerId} for the container in question returns (cut to pertinent info)
[
{
"NetworkSettings": {
"Bridge": "",
"SandboxID": "0cd3f4b2f9ca653fa8c7782e4e839c017894d0d30aa5d7a2cdd314964782afd9",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/0cd3f4b2f9ca",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "4a5df933f52c2789838f0d4a1822df997a30c988894982bdcd29d4cc3c3ccdd5",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "2001:41d0:1:db00:0:242:ac11:2",
"GlobalIPv6PrefixLen": 56,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "2001:41d0:1:db00:ff:ff:ff:ff",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "71e4ff9707a415ec13fecf2bce4bffe1042b0718a9c6005455970ea4d87889db",
"EndpointID": "4a5df933f52c2789838f0d4a1822df997a30c988894982bdcd29d4cc3c3ccdd5",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "2001:41d0:1:db00:ff:ff:ff:ff",
"GlobalIPv6Address": "2001:41d0:1:db00:0:242:ac11:2",
"GlobalIPv6PrefixLen": 56,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]I will highlight that the IPv6Gateway is returning as 2001:41d0:1:db00:ff:ff:ff:ff which does not match what I have set in my daemon.json
Describe the results you received:
I will highlight that the IPv6Gateway is returning as 2001:41d0:1:db00:ff:ff:ff:ff which does not match what I have set in my daemon.json
Describe the results you expected:
Containers should respond to requests on exposed ports over the internet.
Additional information you deem important (e.g. issue happens only occasionally):
Output of docker version:
Client:
Version: 17.06.2-ce
API version: 1.30
Go version: go1.8.3
Git commit: cec0b72
Built: Tue Sep 5 20:00:17 2017
OS/Arch: linux/amd64
Server:
Version: 17.06.2-ce
API version: 1.30 (minimum version 1.12)
Go version: go1.8.3
Git commit: cec0b72
Built: Tue Sep 5 19:59:11 2017
OS/Arch: linux/amd64
Experimental: false
Output of docker info:
Containers: 3
Running: 2
Paused: 0
Stopped: 1
Images: 2
Server Version: 17.06.2-ce
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 6e23458c129b551d5c9871e5174f6b1b7f6d1170
runc version: 810190ceaa507aa2727d7ae6f4790c76ec150bd2
init version: 949e6fa
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 4.4.0-96-generic
Operating System: Ubuntu 16.04.3 LTS
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 15.66GiB
Name: docker.example.com
ID: S5F3:T2DN:SGEJ:EAG2:PNK3:HMHY:YEZL:BYXK:MHCK:6SW7:KOGP:TTPO
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: No swap limit support
Additional environment details (AWS, VirtualBox, physical, etc.):
Physical server, provided by OVH/Kimsufi.
Description
Setup Docker with IPv6 (tested on a fresh machine), where the IPv6 gateway is not at the traditional address.
daemon.jsonwith following content:{ "storage-driver": "overlay2", "ipv6": true, "fixed-cidr-v6": "2001:41d0:1:dbc4::/56", "default-gateway-v6": "2001:41d0:1:dbff:ff:ff:ff:ff" }On the host:
ifconfigreturns:docker0 Link encap:Ethernet HWaddr 02:42:c1:7e:25:b4 inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0 inet6 addr: fe80::1/64 Scope:Link inet6 addr: 2001:41d0:1:db00::1/56 Scope:Global inet6 addr: fe80::42:c1ff:fe7e:25b4/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:91 errors:0 dropped:0 overruns:0 frame:0 TX packets:95 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:9003 (9.0 KB) TX bytes:9523 (9.5 KB) eth0 Link encap:Ethernet HWaddr 00:25:90:50:d5:10 inet addr:91.121.154.196 Bcast:91.121.154.255 Mask:255.255.255.0 inet6 addr: fe80::225:90ff:fe50:d510/64 Scope:Link inet6 addr: 2001:41d0:1:dbc4::1/56 Scope:Global UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:4152393 errors:0 dropped:0 overruns:0 frame:0 TX packets:288620 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:415777011 (415.7 MB) TX bytes:29767545 (29.7 MB) Interrupt:16 Memory:fbce0000-fbd00000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:2368 errors:0 dropped:0 overruns:0 frame:0 TX packets:2368 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:365057 (365.0 KB) TX bytes:365057 (365.0 KB) vethb9812af Link encap:Ethernet HWaddr 66:bb:f0:5b:71:f8 inet6 addr: fe80::64bb:f0ff:fe5b:71f8/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:42 errors:0 dropped:0 overruns:0 frame:0 TX packets:60 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:5327 (5.3 KB) TX bytes:5433 (5.4 KB) vethf7f5125 Link encap:Ethernet HWaddr 32:d2:9f:d4:23:64 inet6 addr: fe80::30d2:9fff:fed4:2364/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:41 errors:0 dropped:0 overruns:0 frame:0 TX packets:64 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:4302 (4.3 KB) TX bytes:6764 (6.7 KB)ip -6 routereturns:ip -6 addrreturns:The gateway is at an address provided by my server provider/ISP and cannot be changed.
In a docker container:
executing
ip -6 routereturns:executing
ip -6 addrreturns:Executing
docker inspect {containerId}for the container in question returns (cut to pertinent info)[ { "NetworkSettings": { "Bridge": "", "SandboxID": "0cd3f4b2f9ca653fa8c7782e4e839c017894d0d30aa5d7a2cdd314964782afd9", "HairpinMode": false, "LinkLocalIPv6Address": "", "LinkLocalIPv6PrefixLen": 0, "Ports": {}, "SandboxKey": "/var/run/docker/netns/0cd3f4b2f9ca", "SecondaryIPAddresses": null, "SecondaryIPv6Addresses": null, "EndpointID": "4a5df933f52c2789838f0d4a1822df997a30c988894982bdcd29d4cc3c3ccdd5", "Gateway": "172.17.0.1", "GlobalIPv6Address": "2001:41d0:1:db00:0:242:ac11:2", "GlobalIPv6PrefixLen": 56, "IPAddress": "172.17.0.2", "IPPrefixLen": 16, "IPv6Gateway": "2001:41d0:1:db00:ff:ff:ff:ff", "MacAddress": "02:42:ac:11:00:02", "Networks": { "bridge": { "IPAMConfig": null, "Links": null, "Aliases": null, "NetworkID": "71e4ff9707a415ec13fecf2bce4bffe1042b0718a9c6005455970ea4d87889db", "EndpointID": "4a5df933f52c2789838f0d4a1822df997a30c988894982bdcd29d4cc3c3ccdd5", "Gateway": "172.17.0.1", "IPAddress": "172.17.0.2", "IPPrefixLen": 16, "IPv6Gateway": "2001:41d0:1:db00:ff:ff:ff:ff", "GlobalIPv6Address": "2001:41d0:1:db00:0:242:ac11:2", "GlobalIPv6PrefixLen": 56, "MacAddress": "02:42:ac:11:00:02", "DriverOpts": null } } } } ]I will highlight that the
IPv6Gatewayis returning as2001:41d0:1:db00:ff:ff:ff:ffwhich does not match what I have set in mydaemon.jsonDescribe the results you received:
I will highlight that the
IPv6Gatewayis returning as2001:41d0:1:db00:ff:ff:ff:ffwhich does not match what I have set in mydaemon.jsonDescribe the results you expected:
Containers should respond to requests on exposed ports over the internet.
Additional information you deem important (e.g. issue happens only occasionally):
Output of
docker version:Output of
docker info:Additional environment details (AWS, VirtualBox, physical, etc.):
Physical server, provided by OVH/Kimsufi.