1Answer

Docker Networking

16.8k Views
  • 14
name

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 191

Backtrace:

File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 191
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

name Punditsdkoslkdosdkoskdo

Docker Networking

Disclosure: I'm new to docker.

I am having trouble connecting my docker containers to the network. I have the container started and in its bash I use ping6 to another address on the network and I get destination unreachable. I have no network access so I can't yum install wireshark to see what's going on.

I have two subnets (fc8c:979b:1f4e:6ec7::/64 [my lan] and fd45:73cb:008d:16b7::/64 [for docker-containers]). If these were physical servers I would assign the docker-host as ip fc8c:979b:1f4e:6ec7:6ae9:a0dc:840f:1a81 and fd45:73cb:8d:16b7:694f:c5d1:818:4651 to be the gateway. Then I would assign static, randomly generated, IPs from fd45:73cb:8d:16b7::/64 to the docker-containers and setup the appropriate routes.

The question then .. How do I get docker-host to act as my gateway? How do I get docker-host to send the router advertisement (or equivalent) to the docker-containers?

I see a docker0 ethernet adapter, but I don't want to configure it with ip if I need to use docker commands.

      • 1
    • I'm well aware of RFC 4193. That's how I know that address is not valid. See section 3.2 for more information.
      • 2
    • Like I said, I'm looking into my random number generator. It picked the same subnet for my live maintenance network and so far it works great for them.
      • 1
    • Use valid IPv6 addresses. Those you have chosen are reserved and may not be appropriate for assignment on live systems.
      • 2
    • I'm in a lab. That space fc00::/7, while not globally routable, is defined in rfc4193. Granted something might be wrong with my random number generator since it picked those subnets ;]

Thank you Almdandi for linking the documentation which covers IPv6 from Docker.

I was able to get IPv6 working by changing two things, and here's a list of everything required.

  1. Docker
  2. Two IPv6 /64 subnets (let [Subnet_0] be what the docker-host's eth0 is connected to, and let [Subnet_1] be a dedicated /64 for the containers.
  3. Radvd (or another router advertisement solution)

Modifying the /etc/docker/daemon.json file to include

{
  "ipv6": true,
  "fixed-cidr-v6": "[Subnet_1]::/64"
}

Where [Subnet_1] is a /64 subnet from your space that will be used only for containers, and is not the subnet that the docker-host is attached to. (I used globally routable space from our /48).

Then I added a router advertisement out of the docker-host's interface eth0 using radvd with [Subnet_1] as a route.

Docker seems to

  • Setup the router from eth0 and docker0, with their applicable subnets on its own.
  • Sends the prefix advertisement for [Subnet_1] to the containers on its own.
  • 0
Reply Report

Trending Tags