Docker default address pools
While migrating my Mayan EDMS docker containers from one host to another, I had intermittent network connectivity problems between the docker host and an entire VLAN at home. I use a large part of the 192.168.0.0/16 subnet, and was surprised to find that this can easily clash with a default docker configuration after a few networks are created.
I recommend that this default address-space setting is assessed immediately after installing docker.
Problem
docker-compose will eventually clash with your network if you use any IPs in the range 192.168.0.0/16. This is most residential setups.
Explanation
As explained in Matthew Strasiotto’s thorough post about the situation, the default configuration of what docker uses for address space might look like this:
{
"default-address-pools" : [
{
"base" : "172.17.0.0/12",
"size" : 20
},
{
"base" : "192.168.0.0/16",
"size" : 24
}
]
}
This means 192.168.0.1 to 192.168.255.254 could be used by docker, and create a clash with any other device in your home that already has an address like 192.168.1.30. For many homes, IP addresses like this will definitely be in use. Care must be taken to ensure no address space clashes evolve.
Resolution
Fortunately the available address space can be declared in a configuration file. If you are like me and don’t require a lot of docker networks, you can just delete the 192.168.0.0/16 entry. Alternatively you might like to carve out/add networks in the JSON file.
You will want to ensure that any IP ranges you provide are defined in RFC 1918, to ensure no address clashes with hosts out on the internet.
A restart of the docker service is likely required to effect the changes made to the JSON file.
Linux Configuration File Path
/etc/docker/daemon.json
Synology Configuration File Path
/var/packages/Docker/etc/dockerd.json