Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NAS-131573 / 25.04 / Default to accept policy for IPv6 forward chain #14632

Merged
merged 1 commit into from
Oct 8, 2024
Merged

NAS-131573 / 25.04 / Default to accept policy for IPv6 forward chain #14632

merged 1 commit into from
Oct 8, 2024

Conversation

TheJulianJES
Copy link
Contributor

@TheJulianJES TheJulianJES commented Oct 8, 2024
edited
Loading

This PR restores IPv6 connectivity in VMs when enabling Docker.
It's basically the same as the following PR, but for IPv6:

The fix was confirmed working on TrueNAS Scale 24.10-RC.1 and 24.10-RC.2 systems.
The PR targets master / 25.04, but it should also really be backported to 24.10.

JIRA URL: https://ixsystems.atlassian.net/browse/NAS-131573
See both of my recent comments in the JIRA ticket for more details on the underlying issue: comment 1, comment 2.

This is the Moby GitHub issue tracking the underlying bug:

Like mentioned in the JIRA ticket above, an alternative approach would be to add "ip6tables":false here to restore the behavior of previous Docker versions which do not modify the default policy to DROP for IPv6.
However, the "workaround" is already in place for IPv4, so I'd also use the same method for IPv6.

@pcbsd-commit-bot
Copy link

Can one of the admins verify this patch?

@bugclerk bugclerk changed the title Default to accept policy for IPv6 forward chain NAS-131573 / 25.04 / Default to accept policy for IPv6 forward chain Oct 8, 2024
@kmoore134 kmoore134 requested review from Qubad786 and yocalebo October 8, 2024 19:53
Qubad786
Qubad786 approved these changes Oct 8, 2024
View reviewed changes
Copy link
Contributor

@Qubad786 Qubad786 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @TheJulianJES for your contribution

@Qubad786 Qubad786 merged commit 198b81f into truenas:master Oct 8, 2024
2 checks passed
@bugclerk bugclerk mentioned this pull request Oct 8, 2024
Merged
@bugclerk
Copy link
Contributor

bugclerk commented Oct 8, 2024

This PR has been merged and conversations have been locked.
If you would like to discuss more about this issue please use our forums or raise a Jira ticket.

@truenas truenas locked as resolved and limited conversation to collaborators Oct 8, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@Qubad786 Qubad786 Qubad786 approved these changes

@yocalebo yocalebo Awaiting requested review from yocalebo

Assignees
No one assigned
Labels
backport-24.10.0.1 backported no-time-tracked
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@TheJulianJES @pcbsd-commit-bot @bugclerk @Qubad786