Ping a Specific Port

Question

Tuinslak

Asked: 2021-02-23 07:17:18 +0800 CST2021-02-23 07:17:18 +0800 CST 2021-02-23 07:17:18 +0800 CST

Make Docker listen to the IPv6 address of server, forward IPv6 requests to right container

772

My server is running on both IPv4 and IPv6. Docker is running on (local) IPv4 addresses (ie 192.168.100.1/24). I did not enable IPv6 inside daemon.json as I understand that to be rather buggy and requires me to have a full IPv6 /64 range available.

For example, a reverse-proxy nginx docker container is running at superuser.one -- that IP is accessible both over IPv4 and IPv6.

# dig superuser.one +short a
85.17.140.73
# dig superuser.one +short aaaa
2001:1af8:4200:a003:1:aaaa:0:123

And IPv6 is working:

# ping6 superuser.one -c 1
PING superuser.one(2001:1af8:4200:a003:1:aaaa:0:123 (2001:1af8:4200:a003:1:aaaa:0:123)) 56 data bytes
64 bytes from 2001:1af8:4200:a003:1:aaaa:0:123 (2001:1af8:4200:a003:1:aaaa:0:123): icmp_seq=1 ttl=57 time=19.5 ms

--- superuser.one ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 19.526/19.526/19.526/0.000 ms

However, when accessing the webserver (or other services running behind Docker), IPv6 doesn't work:

# curl https://superuser.one -6 -I
curl: (7) Failed to connect to superuser.one port 443: Connection refused

While IPv4 works fine:

# curl https://superuser.one -4 -I
HTTP/2 200
server: nginx
date: Mon, 22 Feb 2021 15:10:37 GMT
[...]

How can I get Docker to listen to the server's IPv6 address and forward the request to the right container (using the regular bridge or host network already set up)?

Edit 1:

ip -6 addr: https://pastebin.com/zKkZW6CE

# docker network ls
NETWORK ID     NAME            DRIVER    SCOPE
4ea1dddd3d64   0x04            bridge    local
c6ad6c596ec5   bridge          bridge    local
5d5ea78ff91f   host            host      local
7a03e7ecb430   matrix          bridge    local
20cb1fbc5dfe   matrix-coturn   bridge    local
684af653d87a   none            null      local

docker network inspect 0x04: https://pastebin.com/tWYNyM3Y

Edit 2:

I cleared my daemon.json file as I had the following content:

"ipv6": true,
"fixed-cidr-v6": "fd00::/80"

This means I can now correctly run IPv4 and IPv6 connections on my bridge network:

However, this doesn't seem to work with --network option. Most my containers are running in their own network.

1 Answers

Voted

Simon Richter · Answer 1 · 2021-02-25T09:02:41+08:00

Simon Richter

2021-02-25T09:02:41+08:002021-02-25T09:02:41+08:00

You can just declare a normal port forward during container creation, using

-p [2001:dead:beef::1]:22:22

That creates an IPv6 socket on the host that is forwarded to an IPv4 socket inside the container.

To listen to any IPv6 address, use [::] as the listen address.

0

Make Docker listen to the IPv6 address of server, forward IPv6 requests to right container

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?