Changing Docker's default subnet IP range

Jul 13, 2023 by Georgi Nikolov | 12047 views

Docker Linux Windows

https://cylab.be/blog/277/changing-dockers-default-subnet-ip-range

Docker containers have become widely used to deploy and maintain critical parts of infrastructure. The problem is that sometimes some of the containers running may interfere with other parts of the network.

I ran into a problem trying to deploy a machine to pull data from our experimental ELK stack, deployed in our cyber range. The ELK stack is accessible at an IP address starting with 172.17.*.* , which already at first glance, for someone with experience with Docker, will ring some alarms. Docker’s default network is set-up to use the 172.17.0.0 range of IP addresses and this can lead to problems when trying to establish a connection between a docker container and another machine. Luckily, there is an easy solution to fix this!

Changing Docker’s default subnet IP range

  1. First we should confirm what default subnet Docker is using by running netstat -rn in the terminal.
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
10.67.42.0      0.0.0.0         255.255.255.0   U         0 0          0 enx04b9e3c01593
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 wlp4s0
172.17.0.0      0.0.0.0         255.255.0.0     U         0 0          0 docker0

The last line shows the subnet Docker will be using by default.

  1. We need to create a new file, called “daemon.json”, which as the name implies, will change the configuration of the Docker daemon. The file needs to be created in /etc/docker/ folder. The folder is protected, so we should create the file as a root.
sudo touch /etc/docker/daemon.json

In windows, the file should be created in C:\ProgramData\Docker\config\daemon.json.

  1. Next we need to open the file and add some lines to it. Best is to use terminal tools such as vi or nano, depending on your preferences. We need to add some lines to the json file in the form of:
{
  "default-address-pools":
  [
    {"base":"198.10.0.0/16","size":24}
  ]
}
  1. Finally we can restart the dockerd service:
sudo service docker restart

In Windows, his can be done via the Docker desktop interface, by accessing the “Troubleshoot” icon on the top and selecting the “Restart Docker Desktop” option.

  1. Best to check again the routing table via the netstat -rn command just to be sure it worked.
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
10.67.42.0      0.0.0.0         255.255.255.0   U         0 0          0 enx04b9e3c01593
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 wlp4s0
198.10.0.0      0.0.0.0         255.255.0.0     U         0 0          0 docker0

In 5 easy steps we have fixed any possible issues relating to the subnet Docker uses by default!

This blog post is licensed under CC BY-SA 4.0

Automatic Docker reverse-proxy with Traefik
Traefik is an open-source reverse proxy and load balancer designed specifically for container platforms like Kubernetes and Docker. In these environment, Traefik can automatically discover services, perform load balancing and configure SSL termination. In this post, we’ll show how to deploy and use Traefik on Docker.
Nov 13, 2024 | 353 views
Get started with Laravel Sail
Running an complete Laravel development environment requires multiple services: web server, database server, queue worker etc. Laravel Sail helps you install and use all these using docker containers. Here is how to use it…
May 28, 2024 | 1063 views
Use docker-compose to create a dev environment for Laravel 6, 7 and 8
Setting up a Laravel environment requires to install and configure multiple components: the correct PHP version, of course, but also a database, node server, probably queue worker and scheduler. To get you quickly started, here is how to deploy a dev environment for Laravel with docker compose.
Apr 29, 2024 | 855 views
This website uses cookies. More information about the use of cookies is available in the cookies policy.
Accept