Sadly after all those years docker still requires users to manually configure IPv6 to work. This might be because the support is only experimental even though IPv6 is not new anymore. This guide shows you how to configure it.
In my case I stumbled upon this problem when I wanted to configure Firezone which is a neat peace of software that let’s you manage a Wireguard VPN through a WebUI. It comes prepackaged as a docker container.
This guide requires that docker is already installed and working. You can test this requirement by executing the following command:
sudo docker run hello-worldIf the system returns a valid answer you’re good to go.
General Docker configuration
The first step is to configure the docker daemon. For that we need to edit /etc/docker/daemon.json which should not be present unless you previously made any changes to it. If your file is empty just add these lines to it:
{
"ip6tables": true,
"experimental": true,
"ipv6": true,
"fixed-cidr-v6": "2001:0db8::/112"
}If you already have entries in the file just add the four lines between the brackets between your existing brackets and don’t forget to check the commas. In the end the file needs to be a valid json. There are plenty of verification platforms online.
Please be aware that you still need to choose a valid value for the fixed-cidr-v6. The shown value should only be used in cases of documentation. Instead you should pick from the fc00::/7 subnet which are unique local addresses (not globally reachable). An example might be fc00:1111:2222:3333::/64
The first two lines of the change generally active IPv6 for docker. The other two configure the default bridge network. If you don’t want IPv6 for the default bridge network you can eliminate the last two lines. A per network configuration using the CLI or Compose files is still possible after that.
Next up, you must restart your docker daemon to activate your changes. This is either done by a full system reboot or by typing:
sudo systemctl restart dockerSpecific Docker network configuration
If you create a new network you still need some configuration. Depending on how you manage your networks there are two possibilities:
1. Using the CLI
docker network create --ipv6 --subnet 2001:0DB8::/112 ip6net- –ipv6 corresponds to “ipv6”: true and generally activates IPv6 for the network
- –subnet corresponds to “fixed-cidr-v6” and configures the used subnet
2001:0DB8::/112is the used subnet – this needs change since this value should only be used in documentation – use a subnet offc00::/7instead.- ip6net is the name of the network
2. Via a Compose file
networks:
ip6net:
enable_ipv6: true
subnet: 2001:0DB8::/112The creates a ipv6 capable network by the name ip6net. It uses the subnet 2001:0DB8::/112 which needs to be changed to something valid from the fc00::/7 subnet.
This article is a trimmed version of the official documentation you can find here. I hope you found it useful. Signing off.
