Description
The PR #46455 introduced a change on how the daemon setup ipv6 inside a docker network.
However, this change forcibly activates ipv6 when in a network declaration a ipv6 subnet exists even if the enable_ipv6 parameter strictly disabled ipv6 (enable_ipv6: false) as intended.
This cause the internal network communication to fail or to be slow as they are trying to talk over ipv6 which they can't.
Reproduce
- Create a Docker Network in a docker-compose.yml with a ipv4 and ipv6 subnet and the parameter
enable_ipv6: false
- DO NOT set the native IPv6 NAT implementation inside the daemon.json
- Startup the service
- Ping a container via it's internal DNS name
- See a try via IPv6 which failes as the containers have a ipv6 address but no enabled_ipv6 option.
Expected behavior
Previously the network was not created with a ipv6 subnet as the enabled_ipv6 parameters were set to false.
docker version
Client: Docker Engine - Community
Version: 25.0.0
API version: 1.44
Go version: go1.21.6
Git commit: e758fe5
Built: Thu Jan 18 17:09:59 2024
OS/Arch: linux/amd64
Context: default
Server: Docker Engine - Community
Engine:
Version: 25.0.0
API version: 1.44 (minimum version 1.24)
Go version: go1.21.6
Git commit: 615dfdf
Built: Thu Jan 18 17:09:59 2024
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.27
GitCommit: a1496014c916f9e62104b33d1bb5bd03b0858e59
runc:
Version: 1.1.11
GitCommit: v1.1.11-0-g4bccb38
docker-init:
Version: 0.19.0
GitCommit: de40ad0
docker info
Client: Docker Engine - Community
Version: 25.0.0
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.12.1
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.24.1
Path: /usr/libexec/docker/cli-plugins/docker-compose
scan: Docker Scan (Docker Inc.)
Version: v0.23.0
Path: /usr/libexec/docker/cli-plugins/docker-scan
Server:
Containers: 5
Running: 0
Paused: 0
Stopped: 5
Images: 32
Server Version: 25.0.0
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: a1496014c916f9e62104b33d1bb5bd03b0858e59
runc version: v1.1.11-0-g4bccb38
init version: de40ad0
Security Options:
apparmor
seccomp
Profile: builtin
cgroupns
Kernel Version: 6.1.0-17-amd64
Operating System: Debian GNU/Linux 12 (bookworm)
OSType: linux
Architecture: x86_64
CPUs: 12
Total Memory: 15.62GiB
Name: develcow
ID: ce43ed34-587d-4366-9a8c-d0bf35a9e3fc
Docker Root Dir: /var/lib/docker
Debug Mode: false
Username: derlinkman
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: falseAdditional Info
Referencing: mailcow/mailcow-dockerized#5664 & mailcow/mailcow-dockerized#5668
Description
The PR #46455 introduced a change on how the daemon setup ipv6 inside a docker network.
However, this change forcibly activates ipv6 when in a network declaration a ipv6 subnet exists even if the enable_ipv6 parameter strictly disabled ipv6 (enable_ipv6: false) as intended.
This cause the internal network communication to fail or to be slow as they are trying to talk over ipv6 which they can't.
Reproduce
enable_ipv6: falseExpected behavior
Previously the network was not created with a ipv6 subnet as the enabled_ipv6 parameters were set to false.
docker version
Client: Docker Engine - Community Version: 25.0.0 API version: 1.44 Go version: go1.21.6 Git commit: e758fe5 Built: Thu Jan 18 17:09:59 2024 OS/Arch: linux/amd64 Context: default Server: Docker Engine - Community Engine: Version: 25.0.0 API version: 1.44 (minimum version 1.24) Go version: go1.21.6 Git commit: 615dfdf Built: Thu Jan 18 17:09:59 2024 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.6.27 GitCommit: a1496014c916f9e62104b33d1bb5bd03b0858e59 runc: Version: 1.1.11 GitCommit: v1.1.11-0-g4bccb38 docker-init: Version: 0.19.0 GitCommit: de40ad0docker info
Additional Info
Referencing: mailcow/mailcow-dockerized#5664 & mailcow/mailcow-dockerized#5668