IP Conflict with docker0/bridge for Appliance Based NetIQ Applications

  • 7023491
  • 01-Nov-2018
  • 02-Mar-2020


Advanced Authentication 5.x Appliance
Advanced Authentication 6.x Appliance
Self Service Password Reset Appliance 
SSPR 4.x
Other applications that use the Net IQ Common Appliance Framework


How to change the default IP address for docker0/br-xxxxxx on a standard/default install of an AAF or SSPR  Appliance

By default, the  appliance uses and as the docker0 and br-xxxxxx network ip addresses.
Certain networks may already have these IP ranges configured for other services.

For example, the default ifconfig output may include:

docker0   Link encap:Ethernet  HWaddr *:*:*:*:*:*
          inet addr:  Bcast:  Mask:
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:66359 errors:0 dropped:0 overruns:0 frame:0
          TX packets:77517 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3569440 (3.5 MB)  TX bytes:203222893 (203.2 MB)


Modify or customize the docker0 bridge to use another IP range, as follows.

1.Edit the existing daemon.json (default location at /etc/docker/daemon.json on Linux) file and add the following at the TOP of the file:

 "bip": ""

For example, the resulting daemon.json may look like this:
  "bip": "",
  "log-level": "warn",
  "log-driver": "json-file",
  "log-opts": {
  "max-size": "10m",
  "max-file": "5"

2. Restart the docker daemon using one of following options:

sudo systemctl restart docker      (on systemd based Linux operating systems)
rcdocker restart

After restating docker it may be necessary to kill the SSPR application and restart it through system services in vaconfig.

IMPORTANT NOTE:   After making the documented changes daemon.json will be “owned” by the docker rpm.  This means that new versions of the docker rpm may overwrite this file, and  updates/upgrades could remove the changes.  Be aware that daemon.json may need to be edited again after an update or upgrade.


IP range docker is trying to use is already in use.

Additional Information

Another option is given in this article in the Docker documentation: 
  1. Create or modify the docker daemon.json file (/etc/docker/daemon.json) and configure as needed:
      "bip": "",
      "fixed-cidr": "",
      "fixed-cidr-v6": "2001:db8::/64",
      "mtu": 1500,
      "default-gateway": "",
      "default-gateway-v6": "2001:db8:abcd::89",
      "dns": ["",""]

    Note: These same options are available as flags to dockerd. For more details, please refer to the link above.

  2. Restart Docker after making these changes:
    rcdocker restart