podman: Podman default network doesn't support IPv4/IPv6 dual stack

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind feature /network

Description

Because the ‘network.default_subnet’ option in containers.conf can only take either an IPv4 CIDR string or an IPv6 CIDR string, the default network can only be either IPv4 only or IPv6 only. On the other hand, other networks created by podman network create can be IPv4 only, IPv6 only, or IPv4/IPv6 dual stack. We may need the default network to support dual stack when the host network is dual stack. Is it possible to make the default network also support IPv4/IPv6 dual stack?

Steps to reproduce the issue:

It’s the default network, we can observe the behavior by default.

Describe the results you received:

  • When ‘network.default_subnet’ is specified as an IPv4 CIDR, the default network is IPv4 only
  • When ‘network.default_subnet’ is specified as an IPv6 CIDR, the default network is IPv6 only
  • We cannot specify both IPv4 and IPv6 to ‘network.default_subnet’

Describe the results you expected: e.g. some possible approaches

  • specify ‘network.default_subnet’ in containers.conf multiple times with IPv4 CIDR and/or IPv6 CIDR, just like we can specify the ‘--subnet’ option multiple times when calling podman network create
  • make ‘default_subnet’ a list of IPv4 CIDR or IPv6 CIDR strings

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

Client:       Podman Engine
Version:      4.2.0-dev
API Version:  4.2.0-dev
Go Version:   go1.17.7
Git Commit:   653e87dd4c6103e91724e5aa6afa4c78c2ae1922
Built:        Tue Jun 28 22:26:10 2022
OS/Arch:      linux/amd64

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.27.0-dev
  cgroupControllers:
  - cpuset
  - cpu
  - cpuacct
  - blkio
  - memory
  - devices
  - freezer
  - net_cls
  - perf_event
  - net_prio
  - hugetlb
  - pids
  - rdma
  cgroupManager: systemd
  cgroupVersion: v1
  conmon:
    package: conmon-2.1.2-2.el8.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.2, commit: '
  cpuUtilization:
    idlePercent: 99.88
    systemPercent: 0.05
    userPercent: 0.07
  cpus: 4
  distribution:
    distribution: '"rocky"'
    version: "8.6"
  eventLogger: journald
  hostname: vrarocky3523.rsv.ven.veritas.com
  idMappings:
    gidmap: null
    uidmap: null
  kernel: 4.18.0-372.9.1.el8.x86_64
  linkmode: dynamic
  logDriver: journald
  memFree: 7421812736
  memTotal: 8140427264
  networkBackend: netavark
  ociRuntime:
    name: crun
    package: crun-1.4.5-1.el8.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 1.4.5
      commit: c381048530aa750495cf502ddb7181f2ded5b400
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  remoteSocket:
    path: /run/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: false
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /bin/slirp4netns
    package: slirp4netns-1.1.8-2.el8.x86_64
    version: |-
      slirp4netns version 1.1.8
      commit: d361001f495417b880f20329121e3aa431a8f90f
      libslirp: 4.4.0
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.2
  swapFree: 8589930496
  swapTotal: 8589930496
  uptime: 1h 44m 56.00s (Approximately 0.04 days)
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  volume:
  - local
registries:
  search:
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - docker.io
  - quay.io
store:
  configFile: /etc/containers/storage.conf
  containerStore:
    number: 0
    paused: 0
    running: 0
    stopped: 0
  graphDriverName: vfs
  graphOptions: {}
  graphRoot: /var/lib/containers/storage
  graphRootAllocated: 97658605568
  graphRootUsed: 21218099200
  graphStatus: {}
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 1
  runRoot: /run/containers/storage
  volumePath: /var/lib/containers/storage/volumes
version:
  APIVersion: 4.2.0-dev
  Built: 1656473170
  BuiltTime: Tue Jun 28 22:26:10 2022
  GitCommit: 653e87dd4c6103e91724e5aa6afa4c78c2ae1922
  GoVersion: go1.17.7
  Os: linux
  OsArch: linux/amd64
  Version: 4.2.0-dev

Package info (e.g. output of rpm -q podman or apt list podman):

Built with the latest code from GitHub

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)

Yes

Additional environment details (AWS, VirtualBox, physical, etc.):

About this issue

  • State: open
  • Created 2 years ago
  • Reactions: 2
  • Comments: 21 (11 by maintainers)
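
The second approach proposed in the issue, a list-valued ‘default_subnet’, would need each entry validated and the resulting address families determined. The sketch below is an added example, not code from Podman or containers/common; the helper name classifySubnets and the sample CIDRs are assumptions, and the overlap check goes beyond what the issue asks for.

```go
package main

import (
	"fmt"
	"net"
)

// classifySubnets is a hypothetical helper (not Podman code). It validates a
// list of CIDR strings and reports "ipv4", "ipv6" or "dual-stack".
func classifySubnets(cidrs []string) (string, error) {
	var nets []*net.IPNet
	v4, v6 := false, false
	for _, c := range cidrs {
		ip, n, err := net.ParseCIDR(c)
		if err != nil {
			return "", fmt.Errorf("invalid subnet %q: %w", c, err)
		}
		// Reject host addresses such as 10.88.0.1/16; a subnet is its network address.
		if !ip.Equal(n.IP) {
			return "", fmt.Errorf("%q is not a network address (want %s)", c, n)
		}
		// Two CIDR blocks overlap exactly when one contains the other's base address.
		for _, prev := range nets {
			if prev.Contains(n.IP) || n.Contains(prev.IP) {
				return "", fmt.Errorf("subnet %s overlaps %s", n, prev)
			}
		}
		nets = append(nets, n)
		isV4 := n.IP.To4() != nil
		v4, v6 = v4 || isV4, v6 || !isV4
	}
	switch {
	case v4 && v6:
		return "dual-stack", nil
	case v4:
		return "ipv4", nil
	case v6:
		return "ipv6", nil
	}
	return "", fmt.Errorf("no subnets given")
}

func main() {
	// Constructed sample values, not taken from the issue.
	fmt.Println(classifySubnets([]string{"10.88.0.0/16", "fd00:88::/64"}))
	fmt.Println(classifySubnets([]string{"10.88.0.0/16", "10.88.1.0/24"}))
}
```
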

Most upvoted comments

@kgfathur I don’t understand what your point is? This issue is about no easy way to enable ipv6 on the default network.

If you manually add ipv6 subnets to your default network then yes it will not work if you disable ipv6 on your host.