Fixes https://github.com/docker/docker/issues/13426

Signed-off-by: Madhu Venugopal <madhu@docker.com>
2022-11-09 12:21:53 -05:00 · 2015-05-28 16:30:36 -07:00 · 2015-05-28 16:30:36 -07:00 · 0ae84dad55
commit 0ae84dad55
parent bc70ed60cb
3 changed files with 38 additions and 2 deletions
--- a/libnetwork/drivers/bridge/bridge.go
+++ b/libnetwork/drivers/bridge/bridge.go
@ -518,6 +518,11 @@ func (d *driver) CreateNetwork(id types.UUID, option map[string]interface{}) err
 	// Even if a bridge exists try to setup IPv4.
 	bridgeSetup.queueStep(setupBridgeIPv4)
 	enableIPv6Forwarding := false
 	if d.config != nil && d.config.EnableIPForwarding && config.FixedCIDRv6 != nil {
 		enableIPv6Forwarding = true
 	}
 	// Conditionally queue setup steps depending on configuration values.
 	for _, step := range []struct {
 		Condition bool
@ -541,6 +546,9 @@ func (d *driver) CreateNetwork(id types.UUID, option map[string]interface{}) err
 		// specified subnet.
 		{config.FixedCIDRv6 != nil, setupFixedCIDRv6},
 		// Enable IPv6 Forwarding
 		{enableIPv6Forwarding, setupIPv6Forwarding},
 		// Setup Loopback Adresses Routing
 		{!config.EnableUserlandProxy, setupLoopbackAdressesRouting},
--- a/libnetwork/drivers/bridge/setup_fixedcidrv6.go
+++ b/libnetwork/drivers/bridge/setup_fixedcidrv6.go
@ -1,7 +1,10 @@
 package bridge
 import (
 	"os"
 	log "github.com/Sirupsen/logrus"
 	"github.com/vishvananda/netlink"
 )
 func setupFixedCIDRv6(config *networkConfiguration, i *bridgeInterface) error {
@ -10,5 +13,15 @@ func setupFixedCIDRv6(config *networkConfiguration, i *bridgeInterface) error {
 		return &FixedCIDRv6Error{Net: config.FixedCIDRv6, Err: err}
 	}
 	// Setting route to global IPv6 subnet
 	log.Debugf("Adding route to IPv6 network %s via device %s", config.FixedCIDRv6.String(), config.BridgeName)
 	err := netlink.RouteAdd(&netlink.Route{
 		Scope:     netlink.SCOPE_UNIVERSE,
 		LinkIndex: i.Link.Attrs().Index,
 		Dst:       config.FixedCIDRv6,
 	})
 	if err != nil && !os.IsExist(err) {
 		log.Errorf("Could not add route to IPv6 network %s via device %s", config.FixedCIDRv6.String(), config.BridgeName)
 	}
 	return nil
 }
--- a/libnetwork/drivers/bridge/setup_ipv6.go
+++ b/libnetwork/drivers/bridge/setup_ipv6.go
@ -5,12 +5,16 @@ import (
 	"io/ioutil"
 	"net"
 	"github.com/Sirupsen/logrus"
 	"github.com/vishvananda/netlink"
 )
 var bridgeIPv6 *net.IPNet
-const bridgeIPv6Str = "fe80::1/64"
+const (
 	bridgeIPv6Str       = "fe80::1/64"
 	ipv6ForwardConfPerm = 0644
 )
 func init() {
 	// We allow ourselves to panic in this special case because we indicate a
@ -25,7 +29,7 @@ func init() {
 func setupBridgeIPv6(config *networkConfiguration, i *bridgeInterface) error {
 	// Enable IPv6 on the bridge
 	procFile := "/proc/sys/net/ipv6/conf/" + config.BridgeName + "/disable_ipv6"
-	if err := ioutil.WriteFile(procFile, []byte{'0', '\n'}, 0644); err != nil {
+	if err := ioutil.WriteFile(procFile, []byte{'0', '\n'}, ipv6ForwardConfPerm); err != nil {
 		return fmt.Errorf("Unable to enable IPv6 addresses on bridge: %v", err)
 	}
@ -64,3 +68,14 @@ func setupGatewayIPv6(config *networkConfiguration, i *bridgeInterface) error {
 	return nil
 }
 func setupIPv6Forwarding(config *networkConfiguration, i *bridgeInterface) error {
 	// Enable IPv6 forwarding
 	if err := ioutil.WriteFile("/proc/sys/net/ipv6/conf/default/forwarding", []byte{'1', '\n'}, ipv6ForwardConfPerm); err != nil {
 		logrus.Warnf("Unable to enable IPv6 default forwarding: %v", err)
 	}
 	if err := ioutil.WriteFile("/proc/sys/net/ipv6/conf/all/forwarding", []byte{'1', '\n'}, ipv6ForwardConfPerm); err != nil {
 		logrus.Warnf("Unable to enable IPv6 all forwarding: %v", err)
 	}
 	return nil
 }