VPN related issues docker-compose on Ubuntu 18.04

General
1

I’m just beginning to learn about docker and I’m also using docker-compose, I’m using it as mentioned above on Ubuntu 18.04

All works as expected however when doing some builds that have dependencies on images on our corporate Git server I get errors which indicate that resources are unavailable.

I am working from home at the moment (COVID-19) and the Git server (and other SSO resources) can only be accessed from within the corporate net, thus I VPN in. I’m using Cisco AnyConnect as the VPN system.

It would appear that’s working, but I can see brief notifications when some parts of the build are occurring the network is disconnecting. The Cisco client however shows that it never dropped its connection. Some reading yielded an interesting solution which I’d like to understand. The solution given is below and did not work as I still get failures to resolve things like http://security.debian.org

I feel that its related to something like this.

Apparently the problem was, indeed, an IP-conflict between the docker0 bridge and an IP-range in one of the static routes.

I had already tried to assign a new IP-address to the docker0 bridge, by inserting a “bip”-entry by entering the command sudo nano /etc/docker/daemon.json and editing the file to make it look somewhat similar to this.

{
    "bip":"171.2.2.0/8"
}

but all the other addresses I tried resulted in sudo systemctl restart docker failing spectacularly.

I had (still dont have) no idea what IP-address to choose, so this 171.2.2.0/8 was a lucky guess I suppose. Maybe it will cause problems later, but that’s another story.

2

Ho yeah, that’s going to strike back. This is a public range of address. So some Internets servers are already using these.
You have to choose between (as that’s the only private ranges) :

  • 10.0.0.0/8
  • 172.16.0.0/12
  • 192.168.1.0/16

Or any subnet within these range

3

Hi and thanks
so was there any aspect of importance to naming it bip?
Also because I’m not strong at all on such networking topics I have a question about what to choose;

My ubuntu box on my home network is at 192.168.43.212, and indeed everything on my home net is, so does this influence the values should I choose? docker0 is at 192.168.1.0 according to ifconfig, and why /8 and /12 and /16 please?

I’ve tried all the values you’ve suggested, and the only one which allowed a restart was 192.168.1.0/16 … however Cisco still disconnects and the error “… file could not be downloaded: php_network_getaddresses:getaddreinfo failed: Temporary failure in name resolution…”
Thanks for your assistance

4

10.0.0.0/8 => 10.0.0.0 to 10.255.255.255
172.16.0.0/12 => 172.16.0.0 to 172.31.255.255
192.168.1.0/16 => 192.168.1.0 to 192.168.255.255
but dont use these wide ranges, only a subpart of them would be enough. A whole “/8” is a complete class A range, you probably only need a /24.

You might want to try :
192.168.200.0/24

:wink: