我的主机有 ipv6,运行正常。但我的容器无法通过 ipv6 连接。
Docker version 18.03.1-ce, build 9ee9f40
/etc/network/interfaces(主机)
iface eth0 inet6 static
address 2001:xxxx:5000:20::0010
netmask 64
gateway 2001:xxxx:5000:20::1
/etc/docker/daemon.json
{
"ipv6": true,
"fixed-cidr-v6": "2001:xxxx:5000:20::/64",
"default-gateway-v6": "2001:xxxx:5000:20::1"
}
sysctl(主机)
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding=1
docker run -it alpine ash -c “ip -6 addr show dev eth0; ip -6 route show; ping6 google.com”
259: eth0@if260: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 state UP
inet6 2001:xxxx:5000:20::242:ac11:2/64 scope global flags 02
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe11:2/64 scope link tentative
valid_lft forever preferred_lft forever
2001:xxxx:5000:20::/64 dev eth0 metric 256
fe80::/64 dev eth0 metric 256
default via 2001:xxxx:5000:20::1 dev eth0 metric 1024
ff00::/8 dev eth0 metric 256
PING google.com (2a00:1450:4009:801::200e): 56 data bytes
Ping 挂了
答案1
将 /64 更改为 /80。
/etc/docker/daemon.json
{
"ipv6": true,
"fixed-cidr-v6": "2001:xxxx:5000:20::/80",
}
您可能需要打开
sysctl -w net.ipv6.conf.all.proxy_ndp=1
答案2
尝试传递--network host给您的 docker run 命令。这将使您的容器可以访问主机上的所有接口。
来自docker文档:
Note: --network="host" gives the container full access to local system services such as D-bus and is therefore considered insecure.