From d10d0e568e44a4e55293610a5cac84359719baff Mon Sep 17 00:00:00 2001 From: imre Fitos Date: Wed, 14 Jan 2015 23:06:13 -0500 Subject: [PATCH 1/3] docs: remove NAT rule when removing bridge Signed-off-by: imre Fitos --- docs/sources/articles/networking.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/docs/sources/articles/networking.md b/docs/sources/articles/networking.md index 85e6222d8a..78dc599882 100644 --- a/docs/sources/articles/networking.md +++ b/docs/sources/articles/networking.md @@ -687,6 +687,7 @@ stopping the service and removing the interface: $ sudo service docker stop $ sudo ip link set dev docker0 down $ sudo brctl delbr docker0 + $ sudo iptables -t nat -F POSTROUTING Then, before starting the Docker service, create your own bridge and give it whatever configuration you want. Here we will create a simple @@ -708,6 +709,14 @@ illustrate the technique. inet 192.168.5.1/24 scope global bridge0 valid_lft forever preferred_lft forever + # Confirming outgoing NAT masquerade is setup + + $ sudo iptables -t nat -L -n + ... + Chain POSTROUTING (policy ACCEPT) + target prot opt source destination + MASQUERADE all -- 192.168.5.0/24 0.0.0.0/0 + # Tell Docker about it and restart (on Ubuntu) $ echo 'DOCKER_OPTS="-b=bridge0"' >> /etc/default/docker From 457f2123739df7bc896008b6d796353aae7a0429 Mon Sep 17 00:00:00 2001 From: imre Fitos Date: Thu, 15 Jan 2015 21:32:38 -0500 Subject: [PATCH 2/3] start docker before checking for updated NAT rule Signed-off-by: imre Fitos --- docs/sources/articles/networking.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/docs/sources/articles/networking.md b/docs/sources/articles/networking.md index 78dc599882..78dc25a2bf 100644 --- a/docs/sources/articles/networking.md +++ b/docs/sources/articles/networking.md @@ -709,7 +709,12 @@ illustrate the technique. inet 192.168.5.1/24 scope global bridge0 valid_lft forever preferred_lft forever - # Confirming outgoing NAT masquerade is setup + # Tell Docker about it and restart (on Ubuntu) + + $ echo 'DOCKER_OPTS="-b=bridge0"' >> /etc/default/docker + $ sudo service docker start + + # Confirming new outgoing NAT masquerade is setup $ sudo iptables -t nat -L -n ... @@ -717,10 +722,6 @@ illustrate the technique. target prot opt source destination MASQUERADE all -- 192.168.5.0/24 0.0.0.0/0 - # Tell Docker about it and restart (on Ubuntu) - - $ echo 'DOCKER_OPTS="-b=bridge0"' >> /etc/default/docker - $ sudo service docker start The result should be that the Docker server starts successfully and is now prepared to bind containers to the new bridge. After pausing to From 73baa673c72a49e9cccfde6e844c7dee2e478d8e Mon Sep 17 00:00:00 2001 From: imre Fitos Date: Sat, 17 Jan 2015 11:21:25 -0500 Subject: [PATCH 3/3] fix typo 'setup/set up' Signed-off-by: imre Fitos --- docs/sources/articles/networking.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/sources/articles/networking.md b/docs/sources/articles/networking.md index 78dc25a2bf..029acab4ea 100644 --- a/docs/sources/articles/networking.md +++ b/docs/sources/articles/networking.md @@ -714,7 +714,7 @@ illustrate the technique. $ echo 'DOCKER_OPTS="-b=bridge0"' >> /etc/default/docker $ sudo service docker start - # Confirming new outgoing NAT masquerade is setup + # Confirming new outgoing NAT masquerade is set up $ sudo iptables -t nat -L -n ...