Synology Exits with "unable to detect hairpin mode (is the docker daemon running?)"
wangliangliang2 opened this issue · comments
I would advise to switch to Docker's built-in IPv6 NAT, which seems to work great
no,it will be a disaster.because docker in synology add "ip6tables": true will crash.
@wangliangliang2 were you able to resolve this on synology?
Adding
"ipv6": true,
"fixed-cidr-v6": "fd00:dead:beef::/48",
"ip6tables": true,
"experimental": true
to /var/packages/Docker/etc/dockerd.json
makes it not start.
I get
Nov 25 04:51:41 cubic dockerd[31673]: failed to start daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain DOCKER: iptables failed: ip6tables --wait -t nat -N DOCKER: ip6tabl
es v1.8.3 (legacy): can't initialize ip6tables table `nat': Table does not exist (do you need to insmod?)
Nov 25 04:51:41 cubic dockerd[31673]: Perhaps ip6tables or your kernel needs to be upgraded.
Am I doomed?
Got same question in my Diskstation, I'm confused
@wangliangliang2 were you able to resolve this on synology?
yep, please see in https://github.com/wangliangliang2/fix_synology_docker_ipv6
Adding
"ipv6": true, "fixed-cidr-v6": "fd00:dead:beef::/48", "ip6tables": true, "experimental": trueto
/var/packages/Docker/etc/dockerd.json
makes it not start. I getNov 25 04:51:41 cubic dockerd[31673]: failed to start daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain DOCKER: iptables failed: ip6tables --wait -t nat -N DOCKER: ip6tabl
es v1.8.3 (legacy): can't initialize ip6tables table `nat': Table does not exist (do you need to insmod?)
Nov 25 04:51:41 cubic dockerd[31673]: Perhaps ip6tables or your kernel needs to be upgraded.Am I doomed?
cause synology no support. you should run https://github.com/wangliangliang2/fix_synology_docker_ipv6 first
@wangliangliang2 adding/replacing a bunch of kernel modules with unknown binaries? That doesn't sound remotely robust/safe.
- Where did you get them? Did you build them yourself? If so, what is the source code/makefile? I'd much rather build them myself, perhaps on the synology itself.
- In
iptables_modules_list
, what are the changes? Perhaps it should be a patch or ased
command rather than just replacing the file blindly?
This was also my concerns, also what would I need on synology 7?
Or is the problem gone with 7?
adding/replacing a bunch of kernel modules with unknown binaries
you can rebuild it for yourself from https://github.com/SynoCommunity/spksrc
and there is an issue by me SynoCommunity/spksrc#4713 (comment)
This was also my concerns, also what would I need on synology 7?
Or is the problem gone with 7?
maybe you can read this and rebuild iptables and ipv6 module for yourself
SynoCommunity/spksrc#4713 (comment)
2. In
iptables_modules_list
, what are the changes? Perhaps it should be a patch or ased
command rather than just replacing the file blindly
use it or not ,depending on yourself, I will not care so much things.
as I said you can rebuild ipv6 module and iptables for yourself by https://github.com/SynoCommunity/spksrc