Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Not working with existing br0 interface #29

Open
hemna opened this issue Feb 18, 2022 · 2 comments
Open

Not working with existing br0 interface #29

hemna opened this issue Feb 18, 2022 · 2 comments

Comments

@hemna
Copy link

hemna commented Feb 18, 2022 

docker network create -d ghcr.io/devplayer0/docker-net-dhcp:release-linux-amd64 --ipam-driver null -o bridge=br0 -o ipv6=true --subnet 2602:fe43:f00:fc91:xxxx:xxxx:xxxx:xxxx/64 external_ipv6

br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.5  netmask 255.255.0.0  broadcast 192.168.255.255
        inet6 fe80::3e4a:92ff:fef5:bc08  prefixlen 64  scopeid 0x20<link>
        inet6 2602:fe43:f00:fc91:xxxx:xxxx:xxxx:xxxx  prefixlen 64  scopeid 0x0<global>
        ether 3c:xx:xx:xx:xx:xx  txqueuelen 1000  (Ethernet)
        RX packets 7215935  bytes 9902612238 (9.9 GB)
        RX errors 0  dropped 75  overruns 0  frame 0
        TX packets 3777284  bytes 1131167161 (1.1 GB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

└─> docker run --rm -ti --network external_ipv6 alpine
docker: Error response from daemon: failed to create endpoint confident_gould on network external_ipv6: NetworkDriver.CreateEndpoint: failed to get initial IP address via DHCP: context deadline exceeded.

my bridge interface works fine, as it has a dhcp6 address from my /64 subnet.

└─> ping6 ipv6.google.com
PING ipv6.google.com(iad30s43-in-x0e.1e100.net (2607:f8b0:4004:82f::200e)) 56 data bytes
64 bytes from iad30s43-in-x0e.1e100.net (2607:f8b0:4004:82f::200e): icmp_seq=1 ttl=118 time=17.6 ms
64 bytes from iad30s43-in-x0e.1e100.net (2607:f8b0:4004:82f::200e): icmp_seq=2 ttl=118 time=17.4 ms
64 bytes from iad30s43-in-x0e.1e100.net (2607:f8b0:4004:82f::200e): icmp_seq=3 ttl=118 time=18.5 ms
64 bytes from iad30s43-in-x0e.1e100.net (2607:f8b0:4004:82f::200e): icmp_seq=4 ttl=118 time=18.1 ms
@Kissycat
Copy link

Same as yours..

@Vigilans
Copy link

-o ipv6 will use DHCPv6 to obtain ipv6 address. However, for router it is often the case that ipv6 address is obtained through SLAAC, and is configured by kernel itself instead of docker-net-dhcp's udhcpc6.

When router is configured to be Stateless DHCPv6, DHCPv6 is just used to fetch information like DNS servers, but not IPv6 address, thus will result in the error failed to get initial IP address via DHCP.

To obtain an ipv6 address, either to use Stateful DHCPv6 with configured IPv6 address pool (then use -o ipv6=true to use udhcpc6), or use linux kernel's automatic SLAAC configuration (with -o ipv6=false or not set).

However, for docker container's SLAAC to work, you need to modify some sysctl options, because automatic SLAAC is disabled for docker's deault sysctl setting (see docker/for-linux#1373). There are two ways to fix it:

  • --sysctl net.ipv6.conf.all.forwarding=0: the easiest way. And
  • --sysctl net.ipv6.conf.{main interface in container}.accept_ra=2: the proper way if you want ipv6 forwarding. Note all CANNOT be used here because of a linux kernel bug: see here and here

@Vigilans Vigilans mentioned this issue Mar 9, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@hemna @Vigilans @Kissycat