I’ve recently noticed something strange when you enable IPv6 in Docker. When I pass the ‘–ipv6’ flag to the Docker service the docker0 bridge gets assigned a link local IP address of fe80::1/64. This is expected behavior and appears to be whats documented in the documentation. However, the instant you start a container on the bridge, the docker0 bridge gets an additional EUI64 link local address assigned to it…
docker0 Link encap:Ethernet HWaddr 02:42:66:c6:07:ff
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::1/64 Scope:Link
inet6 addr: fe80::42:66ff:fec6:7ff/64 Scope:Link
And if I check the container, I also see that the container has two addresses as well…
eth0 Link encap:Ethernet HWaddr 02:42:ac:11:00:02
inet addr:172.17.0.2 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::242:ac11:2/64 Scope:Link
inet6 addr: fe80::42:acff:fe11:2/64 Scope:Link
So Im trying to sort out why these are getting assigned. If I add a ‘fixed-cidr-v6’ option to the service options then the containers get a EUI64 link local and a global IP out of the defined CIDR range as I would expect them to…
eth0 Link encap:Ethernet HWaddr 02:42:ac:11:00:02
inet addr:172.17.0.2 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: 2001:db8:1::242:ac11:2/64 Scope:Global
inet6 addr: fe80::42:acff:fe11:2/64 Scope:Link
So Im trying to understand the behavior when you don’t define a IPv6 CIDR range. Any ideas?