我在从仅IPv6主机上的Docker(版本1.5.0)容器路由流量时遇到问题. nc -w 10 2a00:1450:4010:c07 :: 71 80输出nc:连接到2a00:1450:4010:c07 :: 71端口80(tcp)超时:操作正在进行中.
遵循this documentation ifconfig eth0; ifconfig docker0; ip -6 route show显示:
eth0 Link encap:Ethernet HWaddr fa:16:3e:74:4a:b9
inet6 addr: fe80::f816:3eff:fe74:4ab9/64 Scope:Link
inet6 addr: 2a02:6b8:0:1a71::2329/64 Scope:Global
inet6 addr: 2a02:6b8:0:1a71:f816:3eff:fe74:4ab9/64 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:78994 errors:0 dropped:0 overruns:0 frame:0
TX packets:20269 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:55503363 (55.5 MB) TX bytes:1945660 (1.9 MB)
docker0 Link encap:Ethernet HWaddr 56:84:7a:fe:97:99
inet addr:172.17.42.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::5484:7aff:fefe:9799/64 Scope:Link
inet6 addr: fe80::1/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:90 errors:0 dropped:0 overruns:0 frame:0
TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:6528 (6.5 KB) TX bytes:2840 (2.8 KB)
2001:db8:0:2::/64 dev docker0 metric 1024
2a02:6b8:0:1a71::/64 dev eth0 proto kernel metric 256
fe80::/64 dev eth0 proto kernel metric 256
fe80::/64 dev docker0 proto kernel metric 256
default via 2a02:6b8:0:1a71::1 dev eth0 metric 2048 mtu 1450 advmss 1390
default via fe80::1 dev eth0 metric 2049 mtu 1450 advmss 1390
和ifconfig eth0; ip -6 route show in container:
eth0 Link encap:Ethernet HWaddr 02:42:ac:11:00:09
inet addr:172.17.0.9 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:acff:fe11:9/64 Scope:Link
inet6 addr: 2001:db8:0:2:0:242:ac11:9/64 Scope:Global
UP BROADCAST MTU:1500 Metric:1
RX packets:1 errors:0 dropped:0 overruns:0 frame:0
TX packets:1 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:110 (110.0 B) TX bytes:90 (90.0 B)
2001:db8:0:2::/64 dev eth0 proto kernel metric 256
fe80::/64 dev eth0 proto kernel metric 256
default via fe80::1 dev eth0 metric 1024
启用IPv6和IPv4路由(cat / proc / sys / net / ipv6 / conf / default / forwarding为1,cat / proc / sys / net / ipv6 / conf / all / forwarding为1).
好像我需要添加从docker0桥接IPv6流量到eth0的路由,但不知道究竟要做什么.
请停下来!
最佳答案
不推荐在IPv6环境中进行任何类型的NAT,这违背了IPv6的目的.
原文链接:https://www.f2er.com/docker/435811.html您可以使用管道工程通过IPv6完成对容器的访问.
Pipework允许更灵活的网络配置:
sudo docker run -t -i --name myimage 为了能够从Internet访问您的容器,您需要从公共IPv6的子网分配IPv6地址.
通过将IPv6地址分配给容器(eth1)中的新接口,将删除IPv4默认路由,并且新的IPv6默认路由将通过eth1指向新的IPv6默认网关.
应用管道之前的容器接口:
root@a0b5f4937c42:/# ip a
1: lo: 容器接口应用管道后:(eth1)
root@9c8372c70ddc:/# ip a
1: lo: 从容器到docker主机::
root@9c8372c70ddc:/# ping6 2001:db8:44::ff
PING 2001:db8:44::ff(2001:db8:44::ff) 56 data bytes
64 bytes from 2001:db8:44::ff: icmp_seq=1 ttl=64 time=0.134 ms
64 bytes from 2001:db8:44::ff: icmp_seq=2 ttl=64 time=0.062 ms
64 bytes from 2001:db8:44::ff: icmp_seq=3 ttl=64 time=0.061 ms
^C
--- 2001:db8:44::ff ping statistics ---
3 packets transmitted,3 received,0% packet loss,time 1998ms
rtt min/avg/max/mdev = 0.061/0.085/0.134/0.035 ms
root@9c8372c70ddc:/#
从docker主机到容器:
ping6 2001:db8:44::1
PING 2001:db8:44::1(2001:db8:44::1) 56 data bytes
64 bytes from 2001:db8:44::1: icmp_seq=1 ttl=64 time=0.092 ms
64 bytes from 2001:db8:44::1: icmp_seq=2 ttl=64 time=0.072 ms
64 bytes from 2001:db8:44::1: icmp_seq=3 ttl=64 time=0.074 ms
64 bytes from 2001:db8:44::1: icmp_seq=4 ttl=64 time=0.075 ms
^C
--- 2001:db8:44::1 ping statistics ---
4 packets transmitted,4 received,time 2997ms
rtt min/avg/max/mdev = 0.072/0.078/0.092/0.010 ms
ajn:~/docker/dockergit$
