podman: Unable to use IPv6 on rootless container

My English is not good, so I used translation software.

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind feature

Description

First create an ipv6 network: podman network create --ipv6 test And create a rootless container use this network: podman run -it --rm --network test archlinux But this container cannot connect to a ipv6 webserver. I’m sure the host can connect to a ipv6 webserver. And, a container created with option “–network slirp4netns:enable_ipv6=true” can use ipv6. Is there something wrong with my settings?

Describe the results you expected:

Both the host and container can connect to the webserver by either its IPv4 or IPv6 address.

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

Client:       Podman Engine
Version:      4.1.1
API Version:  4.1.1
Go Version:   go1.17.12
Built:        Tue Aug  2 15:53:14 2022
OS/Arch:      linux/amd64

Output of podman info:

host:
  arch: amd64
  buildahVersion: 1.26.2
  cgroupControllers: []
  cgroupManager: cgroupfs
  cgroupVersion: v1
  conmon:
    package: conmon-2.1.2-2.module+el8.6.0+997+05c9d812.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.2, commit: 98e028a5804809ccb49bc099c0d53adc43ef8cc4'
  cpuUtilization:
    idlePercent: 99.63
    systemPercent: 0.17
    userPercent: 0.21
  cpus: 4
  distribution:
    distribution: '"rocky"'
    version: "8.6"
  eventLogger: file
  hostname: localhost.localdomain
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 4.18.0-372.26.1.el8_6.x86_64
  linkmode: dynamic
  logDriver: k8s-file
  memFree: 2651201536
  memTotal: 3802693632
  networkBackend: netavark
  ociRuntime:
    name: runc
    package: runc-1.1.3-2.module+el8.6.0+997+05c9d812.x86_64
    path: /usr/bin/runc
    version: |-
      runc version 1.1.3
      spec: 1.0.2-dev
      go: go1.17.12
      libseccomp: 2.5.2
  os: linux
  remoteSocket:
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_NET_RAW,CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.2.0-2.module+el8.6.0+997+05c9d812.x86_64
    version: |-
      slirp4netns version 1.2.0
      commit: 656041d45cfca7a4176f6b7eed9e4fe6c11e8383
      libslirp: 4.4.0
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.2
  swapFree: 1610608640
  swapTotal: 1610608640
  uptime: 39m 0.13s
plugins:
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  volume:
  - local
registries:
  search:
  - registry.access.redhat.com
  - registry.redhat.io
  - docker.io
store:
  configFile: /home/aoxiangtianji/.config/containers/storage.conf
  containerStore:
    number: 0
    paused: 0
    running: 0
    stopped: 0
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/aoxiangtianji/.local/share/containers/storage
  graphRootAllocated: 12777947136
  graphRootUsed: 5570002944
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 1
  runRoot: /run/user/1000/containers
  volumePath: /home/aoxiangtianji/.local/share/containers/storage/volumes
version:
  APIVersion: 4.1.1
  Built: 1659426794
  BuiltTime: Tue Aug  2 15:53:14 2022
  GitCommit: ""
  GoVersion: go1.17.12
  Os: linux
  OsArch: linux/amd64
  Version: 4.1.1

Package info (e.g. output of rpm -q podman or apt list podman):

podman-4.1.1-2.module+el8.6.0+997+05c9d812.x86_64

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)

Yes

Additional environment details (AWS, VirtualBox, physical, etc.):

Rocky Linux 8.6 in VirtualBox

About this issue

Original URL
State: open
Created 2 years ago
Reactions: 3
Comments: 33 (11 by maintainers)

Most upvoted comments

slirp4netns is already started with --enable-ipv6 by default, the problem is the missing route.

I am working on the pasta integration instead of slirp4netns so this should work work better when I am done with that.

Luap99 on Aug 9, 2023

I had the same issue, but I solved it with the following commands in my environment:

# Add an fd00::/64 address on tap0 manually (if not presenting)
podman unshare --rootless-netns ip addr add fd00::100/64 dev tap0
# Set default route via fd00::2 (IPv6 Gateway of slirp4netns)
podman unshare --rootless-netns ip route add default via fd00::2 dev tap0

Although there seems to be an mtu-related issue. I have to set the mtu of the network used by the container to 65520 (same as the mtu of tap0) via podman (modifying mtu with ip link set mtu does not seem to work). Otherwise some packets may be dropped. One way to set the mtu of the network is by creating the network with podman network create NETWORK_NAME -o mtu 65520.

The version I am using

Output of podman version:

Client:       Podman Engine
Version:      4.3.1
API Version:  4.3.1
Go Version:   go1.17.5
Git Commit:   814b7b003cc630bf6ab188274706c383f9fb9915
Built:        Fri Nov 18 00:28:57 2022
OS/Arch:      linux/amd64

Output of slirp4netns --version:

slirp4netns version 1.2.0
commit: 656041d45cfca7a4176f6b7eed9e4fe6c11e8383
libslirp: 4.1.0
SLIRP_CONFIG_VERSION_MAX: 1
libseccomp: 2.5.1

sup39 on Nov 18, 2022