Jul 13, 2023 by Georgi Nikolov | 12367 views
https://cylab.be/blog/277/changing-dockers-default-subnet-ip-range
Docker containers have become widely used to deploy and maintain critical parts of infrastructure. The problem is that sometimes some of the containers running may interfere with other parts of the network.
I ran into a problem trying to deploy a machine to pull data from our experimental ELK stack, deployed in our cyber range. The ELK stack is accessible at an IP address starting with 172.17.*.*
, which already at first glance, for someone with experience with Docker, will ring some alarms. Docker’s default network is set-up to use the 172.17.0.0
range of IP addresses and this can lead to problems when trying to establish a connection between a docker container and another machine. Luckily, there is an easy solution to fix this!
netstat -rn
in the terminal.Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.67.42.0 0.0.0.0 255.255.255.0 U 0 0 0 enx04b9e3c01593
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 wlp4s0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
The last line shows the subnet Docker will be using by default.
/etc/docker/
folder. The folder is protected, so we should create the file as a root.sudo touch /etc/docker/daemon.json
In windows, the file should be created in C:\ProgramData\Docker\config\daemon.json
.
vi
or nano
, depending on your preferences. We need to add some lines to the json file in the form of:{
"default-address-pools":
[
{"base":"198.10.0.0/16","size":24}
]
}
sudo service docker restart
In Windows, his can be done via the Docker desktop interface, by accessing the “Troubleshoot” icon on the top and selecting the “Restart Docker Desktop” option.
netstat -rn
command just to be sure it worked.Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.67.42.0 0.0.0.0 255.255.255.0 U 0 0 0 enx04b9e3c01593
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 wlp4s0
198.10.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
In 5 easy steps we have fixed any possible issues relating to the subnet Docker uses by default!
This blog post is licensed under CC BY-SA 4.0