Changing Docker's default subnet IP range

Jul 13, 2023 by Georgi Nikolov | 12367 views

Docker Linux Windows

https://cylab.be/blog/277/changing-dockers-default-subnet-ip-range

Docker containers have become widely used to deploy and maintain critical parts of infrastructure. The problem is that sometimes some of the containers running may interfere with other parts of the network.

I ran into a problem trying to deploy a machine to pull data from our experimental ELK stack, deployed in our cyber range. The ELK stack is accessible at an IP address starting with 172.17.*.* , which already at first glance, for someone with experience with Docker, will ring some alarms. Docker’s default network is set-up to use the 172.17.0.0 range of IP addresses and this can lead to problems when trying to establish a connection between a docker container and another machine. Luckily, there is an easy solution to fix this!

Changing Docker’s default subnet IP range

  1. First we should confirm what default subnet Docker is using by running netstat -rn in the terminal.
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
10.67.42.0      0.0.0.0         255.255.255.0   U         0 0          0 enx04b9e3c01593
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 wlp4s0
172.17.0.0      0.0.0.0         255.255.0.0     U         0 0          0 docker0

The last line shows the subnet Docker will be using by default.

  1. We need to create a new file, called “daemon.json”, which as the name implies, will change the configuration of the Docker daemon. The file needs to be created in /etc/docker/ folder. The folder is protected, so we should create the file as a root.
sudo touch /etc/docker/daemon.json

In windows, the file should be created in C:\ProgramData\Docker\config\daemon.json.

  1. Next we need to open the file and add some lines to it. Best is to use terminal tools such as vi or nano, depending on your preferences. We need to add some lines to the json file in the form of:
{
  "default-address-pools":
  [
    {"base":"198.10.0.0/16","size":24}
  ]
}
  1. Finally we can restart the dockerd service:
sudo service docker restart

In Windows, his can be done via the Docker desktop interface, by accessing the “Troubleshoot” icon on the top and selecting the “Restart Docker Desktop” option.

  1. Best to check again the routing table via the netstat -rn command just to be sure it worked.
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
10.67.42.0      0.0.0.0         255.255.255.0   U         0 0          0 enx04b9e3c01593
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 wlp4s0
198.10.0.0      0.0.0.0         255.255.0.0     U         0 0          0 docker0

In 5 easy steps we have fixed any possible issues relating to the subnet Docker uses by default!

This blog post is licensed under CC BY-SA 4.0

This website uses cookies. More information about the use of cookies is available in the cookies policy.
Accept