IP Conflict with docker0/bridge for Advanced Authentication Appliance

  • 7023491
  • 01-Nov-2018
  • 01-Nov-2018

Environment

Advanced Authentication 5.x Appliance
Advanced Authentication 6.x Appliance

Situation

How to change the default IP address for docker0/br-xxxxxx on a standard/default install of an AAF Appliance

By default, the Advanced Authentication appliance uses 172.17.0.1 and 172.18.0.1 as the docker0 and br-xxxxxx network ip addresses.
Certain networks may already have these IP ranges configured for other services.

For example, the default ifconfig output may include:

docker0   Link encap:Ethernet  HWaddr *:*:*:*:*:*
          inet addr:172.17.0.1  Bcast:0.0.0.0  Mask:255.255.0.0
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:66359 errors:0 dropped:0 overruns:0 frame:0
          TX packets:77517 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3569440 (3.5 MB)  TX bytes:203222893 (203.2 MB)

Resolution

To modify or customize the docker0 bridge to use another IP range, please refer to the following Docker documentation:

Cause

IP range docker is trying to use is already in use.

Additional Information

For example, at the time of writing this document, the docker documentation suggests the following approach:

  1. Create or modify the docker daemon.json file (/etc/docker/daemon.json) and configure as needed:
    {
      "bip": "192.168.1.5/24",
      "fixed-cidr": "192.168.1.5/25",
      "fixed-cidr-v6": "2001:db8::/64",
      "mtu": 1500,
      "default-gateway": "10.20.1.1",
      "default-gateway-v6": "2001:db8:abcd::89",
      "dns": ["10.20.1.2","10.20.1.3"]
    }

    Note: These same options are available as flags to dockerd. For more details, please refer to the link above.

  2. Restart Docker after making these changes:
    rcdocker restart