I have a web service in Docker Swarm which takes in connections from both IPv4 and v6. The v4 addresses come through fine, but the v6 ones come through as 172.18.0.1 no matter what, which isn't even an IPv6. Traefik is running in a container with Host mode enabled. Anyone have ideas?
Hello @randomairborne
Thanks for using Traefik and asking the question here.
Could you please share the complete configuration you are using? It will help us to reproduce the issue.
Thank you
Sure!
my /etc/docker/daemon.json:
{
"ipv6": true,
"fixed-cidr-v6": "fd00::/64",
"experimental": true,
"ip6tables": true
}
Traefik config:
GiveIP application config:
You can see the results for yourself, if you would like. https://giveip.io
Hey @randomairborne!
Coincidentally, I have spent the entire day trying to get this to work too and at last, I found a way. I believe the X-Real-IP is not working because the docker containers are not aware of any IPv6 address at all (and your docker host is doing some IPv6 --> IPv4 mapping). As you are probably aware, getting IPv6 to work in any docker environment is somewhat of a struggle.
Here is what worked for me (create the file if it doesn't exist yet):
sudo nano /etc/docker/daemon.json
{
"ipv6": true,
"fixed-cidr-v6": "2001:db8:1::/64",
"experimental": true,
"ip6tables": true
}
sudo systemctl restart docker
Prepare your docker-compose.yml file to use an IPv6 network (pay attention to making it version 2.1 as apparently the version3 has an issue with docker-compose and IPv6):
version: '2.1'
services:
proxy:
image: traefik:v2.7
restart: always
networks:
- ipv6
ports:
- 80:80
- 443:443
volumes:
- /var/run/docker.sock:/var/run/docker.sock
networks:
ipv6:
enable_ipv6: true
driver: bridge
driver_opts:
com.docker.network.enable_ipv6: "true"
ipam:
driver: default
config:
- subnet: 172.18.0.0/16
gateway: 172.18.0.1
- subnet: 2001:db8:2::/64
In my particular case, I use Jenkins to deploy so I had to make sure all the containers using the network didn't exist anymore and the host was "clean":
sudo docker kill $(sudo docker ps -q)
sudo docker system prune
# and then you can restart your containers again:
sudo docker-compose up -d
i have a bit of a problem with this, due to the fact that my Traefik instance uses docker host networking. I can't simply change the network, because its using host network which has ipv6 disabled with seemingly no way of enabling it.
I see... but in that case, if your host is not in any way connected to IPv6, how were you planning to ever show someone else's IPv6 if they can't reach your website over IPv6?
They can. The host is completely IPv6-connected, and going to https://v6.giveip.io/raw (which only has an AAAA record, so browsers will only connect to it over IPv6) does actually return something- it's just not the right something.
@randomairborne did you connect your traefik to ipv6?
I have same setup (traefik on host network) and I still cannot get IPv6 in my setup 