Iptables-legacy vs iptables-nft

Hi folks,

Maybe I am too blind to see, but I haven't seen it mentioned on docs.docker.com: Does Docker support nftables? Does it still require the legacy iptables, or the new nftables/iptables-nft?

Both are available on Debian (and probably on Ubuntu and others), but AFAIU there are subtle differences between iptables-legacy and iptables-nft.

Every helpful comment is highly appreciated.

Harri

Podman inherited this problem from Docker: in the CNI bridge network driver it tries to use iptables on distros where only nft exists, like CentOS 8.2. The Docker documentation mentions iptables only, but the forced CentOS upgrade has replaced iptables with nft. iptables-legacy has disappeared together with iptables. Kernel 4.9 is in action now too.

see https://github.com/docker/docker.github.io/issues/11612

I read somewhere that Docker uses netfilter, which nftables or iptables sit on top of, and nft or ipt just “interpret” the entries.
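A practical way to answer the question in this thread on a given host, added here as an example and not code from the thread, from Docker or from Podman: both iptables-legacy and iptables-nft program the same netfilter hooks, so a host can end up with rules loaded through both frontends and all of them are evaluated. The script below classifies the backend from the `iptables -V` banner (1.8+ prints `(legacy)` or `(nf_tables)`, older builds print no tag), counts real rules in each backend's filter and nat tables, reports where Docker's chains (`DOCKER`, `DOCKER-USER`, ...) were created, and warns when both backends carry rules. The function names, the `--live` flag and the report format are this example's own choices; reading the tables needs root.

```shell
#!/bin/sh
# Added example (not from the thread, Docker or Podman): which iptables
# backend does this host use, and where did Docker's chains end up?

# Classify an "iptables -V" banner. iptables >= 1.8 tags the backend, e.g.
# "iptables v1.8.9 (nf_tables)" or "iptables v1.8.9 (legacy)"; older releases
# print no tag ("iptables v1.6.1"), reported here as "untagged".
backend_from_version() {
    case "$1" in
        *'(nf_tables)'*) echo nf_tables ;;
        *'(legacy)'*)    echo legacy ;;
        'iptables v'*)   echo untagged ;;
        *)               echo unknown ;;
    esac
}

# Count rules in "iptables -S" output read from stdin. Only "-A" lines are
# rules; "-P" (chain policy) and "-N" (chain creation) lines are not.
count_rules() {
    awk '/^-A /{n++} END{print n+0}'
}

# Succeeds when "iptables -S" output on stdin declares a chain created by
# Docker (DOCKER, DOCKER-USER, DOCKER-ISOLATION-STAGE-1, ...).
has_docker_chains() {
    grep -q '^-N DOCKER'
}

# Live report: rule counts per backend binary, Docker chain location, and a
# warning if both backends are populated (netfilter evaluates both sets).
report_host() {
    legacy_total=0
    nft_total=0
    for bin in iptables-legacy iptables-nft; do
        if ! command -v "$bin" >/dev/null 2>&1; then
            echo "$bin: not installed"
            continue
        fi
        total=0
        for table in filter nat; do
            n=$("$bin" -t "$table" -S 2>/dev/null | count_rules)
            total=$((total + n))
        done
        docker=no
        if "$bin" -S 2>/dev/null | has_docker_chains; then
            docker=yes
        fi
        echo "$bin: $total rules in filter+nat, Docker chains present: $docker"
        case "$bin" in
            iptables-legacy) legacy_total=$total ;;
            iptables-nft)    nft_total=$total ;;
        esac
    done
    if [ "$legacy_total" -gt 0 ] && [ "$nft_total" -gt 0 ]; then
        echo "WARNING: both backends carry rules; all of them are evaluated"
    fi
    if command -v iptables >/dev/null 2>&1; then
        echo "plain 'iptables' resolves to: $(backend_from_version "$(iptables -V 2>/dev/null)")"
    else
        echo "plain 'iptables': not installed"
    fi
}

# Only touch the host's firewall when explicitly asked:  sh check-ipt.sh --live
case "${1:-}" in
    --live) report_host ;;
esac
```

On Debian the plain `iptables` name is an alternatives symlink, so `update-alternatives --query iptables` shows which backend it currently points at and `update-alternatives --config iptables` switches it; whichever backend `iptables` resolves to when the daemon starts is the one Docker's chains will be created in, and the report above shows that directly.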