The default network "bridge" is missing "Gateway" when docker installed in Virtual machine.

[children1987]

• This is a bug report
• This is a feature request
• I searched existing issues before opening this one

Expected behavior

The default network bridge should be created with a "Gateway". As follow image:

Actual behavior

In my physical machine, everything is OK.
But when I installed docker to a virtual machine, I found the default network bridge has no "Gateway". As follow image:

The surface problem is that the containers (like alpine) in the virtual machines can't ping github.com when the containers first running, while the containers in the physical machines can ping github.com when the containers first running.
I don't konw if this problem has something to do with the missing "Gateway" config.

Plus informations:
All of them above are all CentOS 7.

Steps to reproduce the behavior

service docker start
docker pull alpine
docker run -itd --name alpine-test alpine:latest
docker exec -it alpine-test /bin/sh

ping github.com

Output of docker version:

[root@localhost network-scripts]# docker version
Client: Docker Engine - Community
 Version:           19.03.8
 API version:       1.40
 Go version:        go1.12.17
 Git commit:        afacb8b
 Built:             Wed Mar 11 01:27:04 2020
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          19.03.8
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.12.17
  Git commit:       afacb8b
  Built:            Wed Mar 11 01:25:42 2020
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.2.13
  GitCommit:        7ad184331fa3e55e52b890ea95e65ba581ae3429
 runc:
  Version:          1.0.0-rc10
  GitCommit:        dc9208a3303feef5b3839f4323d9beb36df0a9dd
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683
[root@localhost network-scripts]#

Output of docker info:

[root@localhost network-scripts]# docker info
Client:
 Debug Mode: false

Server:
 Containers: 4
  Running: 1
  Paused: 0
  Stopped: 3
 Images: 1
 Server Version: 19.03.8
 Storage Driver: devicemapper
  Pool Name: docker-253:0-101101361-pool
  Pool Blocksize: 65.54kB
  Base Device Size: 10.74GB
  Backing Filesystem: xfs
  Udev Sync Supported: true
  Data file: /dev/loop0
  Metadata file: /dev/loop1
  Data loop file: /var/lib/docker/devicemapper/devicemapper/data
  Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
  Data Space Used: 42.73MB
  Data Space Total: 107.4GB
  Data Space Available: 17.22GB
  Metadata Space Used: 675.8kB
  Metadata Space Total: 2.147GB
  Metadata Space Available: 2.147GB
  Thin Pool Minimum Free Space: 10.74GB
  Deferred Removal Enabled: true
  Deferred Deletion Enabled: true
  Deferred Deleted Device Count: 0
  Library Version: 1.02.158-RHEL7 (2019-05-13)
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 7ad184331fa3e55e52b890ea95e65ba581ae3429
 runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
 init version: fec3683
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 3.10.0-327.el7.x86_64
 Operating System: CentOS Linux 7 (Core)
 OSType: linux
 Architecture: x86_64
 CPUs: 1
 Total Memory: 1.797GiB
 Name: localhost.localdomain
 ID: JZOV:4JOO:AEHN:LBWC:NFQG:TAFZ:RAPK:4AGB:DWBB:LX5K:AWFK:XMWT
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Registry Mirrors:
  http://hub-mirror.c.163.com/
 Live Restore Enabled: false

WARNING: the devicemapper storage-driver is deprecated, and will be removed in a future release.
WARNING: devicemapper: usage of loopback devices is strongly discouraged for production use.
         Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.

Additional environment details (AWS, VirtualBox, physical, etc.)
I tried both in VirtulBox and VMware. They are having the same problem.

[children1987]

Surprisingly! "Gateway": "172.17.0.1" appears when I just restarted the docker!

But I still can't ping 172.17.0.1.

[root@localhost network-scripts]# service docker restart
Redirecting to /bin/systemctl restart  docker.service
[root@localhost network-scripts]# docker network inspect bridge
[
    {
        "Name": "bridge",
        "Id": "e1f30e256c93ee70012f386b48324d9a628828b7dcf773e6b22efef178ba70b7",
        "Created": "2020-04-14T16:55:48.535056143+08:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16",
                    "Gateway": "172.17.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]
[root@localhost network-scripts]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
[root@localhost network-scripts]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                        PORTS               NAMES
937078e5ae90        alpine              "/bin/sh"           4 hours ago         Exited (0) 4 hours ago                            test4
cf97b1259902        alpine              "/bin/sh"           4 hours ago         Exited (0) 4 hours ago                            test3
40c9763263d4        alpine              "/bin/sh"           4 hours ago         Created                                           test2
25c75582d037        alpine:latest       "/bin/sh"           5 hours ago         Exited (137) 51 seconds ago                       alpine-test
[root@localhost network-scripts]# docker start test4
test4
[root@localhost network-scripts]# docker exec -it test4 /bin/sh
Error response from daemon: Container 937078e5ae900ad4aee8216bc89e7dc560597c44a87597f2706ffe853c30a8c5 is not running
[root@localhost network-scripts]# docker run -itd --name test5 alpine:latest
3f294ed7ea0ded426ab1d71eb6346e204183bcff91009c3a560f615364860e05
[root@localhost network-scripts]# docker exec -it test5 /bin/sh
/ # ping www.baidu.com
ping: bad address 'www.baidu.com'
/ # ping 172.17.0.1
PING 172.17.0.1 (172.17.0.1): 56 data bytes
PING 172.17.0.1 (172.17.0.1): 56 data bytes
^C
--- 172.17.0.1 ping statistics ---
193 packets transmitted, 0 packets received, 100% packet loss
/ # route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.17.0.1      0.0.0.0         UG    0      0        0 eth0
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 eth0
/ # ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:02  
          inet addr:172.17.0.2  Bcast:172.17.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13 errors:0 dropped:0 overruns:0 frame:0
          TX packets:218 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:858 (858.0 B)  TX bytes:20212 (19.7 KiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

/ #

[5aint2ero]

Hi, did you find a solution to the issue? Unfortunatly I have exactly the same problem.

[children1987]

Hi, did you find a solution to the issue? Unfortunatly I have exactly the same problem.

Unfortunatly, so far, I haven't found a solution.

[5aint2ero]

FYI: After I updated Docker to version 19.03.14 today, the problems are gone. Seems that something was odd on their side.

[children1987]

Thanks for your information. But I tried again, this issue is still there.

[fernetmatt]

Hi, i'm having the exact same issue on Docker version 20.10.2, build 2291f61 on a CentOS 8 virtual machine.
Every container using the "bridge" network has been unable to reach network starting from yesterday nigh, no problem until that moment. (for solution read below)

To solve the issue i had to create a new bridge type connection with docker network create --driver bridge alpine-bridge

# docker version
Client: Docker Engine - Community
 Version:           20.10.2
 API version:       1.41
 Go version:        go1.13.15
 Git commit:        2291f61
 Built:             Mon Dec 28 16:17:40 2020
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.2
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.13.15
  Git commit:       8891c58
  Built:            Mon Dec 28 16:15:09 2020
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.4.3
  GitCommit:        269548fa27e0089a8b8278fc4fc781d7f65a939b
 runc:
  Version:          1.0.0-rc92
  GitCommit:        ff819c7e9184c13b7c2607fe6c30ae19403a7aff
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

[jbuns]

Same problem here on CentOS 7.7

$ rpm -q centos-release
centos-release-7-7.1908.0.el7.centos.x86_64

Docker version:

$ docker version
Client: Docker Engine - Community
 Version:           20.10.6
 API version:       1.41
 Go version:        go1.13.15
 Git commit:        370c289
 Built:             Fri Apr  9 22:45:33 2021
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.6
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.13.15
  Git commit:       8728dd2
  Built:            Fri Apr  9 22:43:57 2021
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.4.4
  GitCommit:        05f951a3781f4f2c1911b05e61c160e9c30eaa8e
 runc:
  Version:          1.0.0-rc93
  GitCommit:        12644e614e25b05da6fd08a38ffa0cfe1903fdec
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

[llitfkitfk]

same problem on:

Alibaba Cloud Linux (Aliyun Linux) release 2.1903 LTS (Hunting Beagle) 

docker version

Client: Docker Engine - Community
 Version:           20.10.7
 API version:       1.41
 Go version:        go1.13.15
 Git commit:        f0df350
 Built:             Wed Jun  2 11:58:10 2021
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.7
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.13.15
  Git commit:       b0f5bc3
  Built:            Wed Jun  2 11:56:35 2021
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.4.6
  GitCommit:        d71fcd7d8303cbf684402823e425e9dd2e99285d
 runc:
  Version:          1.0.0-rc95
  GitCommit:        b9ee9c6314599f1b4a7f497e1f1f856fe433d3b7
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

moby/moby#26799

[AxelGodoy]

Hola. Tengo el mismo inconveniente en un CentOS 7.2. Alguien ha podido solucionarlo?

[cypx]

Same here with Ubuntu 20.04 and Docker version 20.10.9

When I create a network, Docker create a related bridge interface but do not add it as gateway to the network.
ip a display the bridge interface which seem ok (could be ping from the host)

79: br-f9bc0d86bd69: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:2e:7e:ee:d6 brd ff:ff:ff:ff:ff:ff
    inet 10.10.22.1/24 brd 10.10.22.255 scope global br-f9bc0d86bd69
       valid_lft forever preferred_lft forever
    inet6 fe80::42:2eff:fe7e:eed6/64 scope link 
       valid_lft forever preferred_lft forever

Restarting docker service do not help. I also try to force gateway configuration

docker network create --driver=bridge --gateway=10.10.22.1 --subnet=10.10.22.0/24 test-network 

After that docker inspect test-network shown gateway as expected, but network did not really working (container not reachable from other network).

At the end I try a full reboot and that's fix my network without any other change.
Maybe a missing step when reloading network setting or iptables rules at network creation under certain conditions???

[pdechastellier]

Enabling IP Forwarding fixed the problem for me:
add this line in /etc/sysctl.conf

net.ipv4.ip_forward=1

reload settings and restart docker

sysctl -p
systemctl restart docker

docker network inspect bridge now shows the gateway

[dj0024javia]

Enabling IP Forwarding fixed the problem for me: add this line in /etc/sysctl.conf

net.ipv4.ip_forward=1

reload settings and restart docker

sysctl -p
systemctl restart docker

docker network inspect bridge now shows the gateway

Works For me

[martinpal]

Same here, docker-ce 20.10.18, Ubuntu 20.04

The GW address is present in the output of docker network inspect bridge.

Adding the address back to the interface using ip addr add 172.17.0.1/16 dev docker0 fixes the problem temporarily until it disappears again.

The issue only appears on a single host out of >60 in a cluster. It is the only one with version 20.10.18. Others are:

 7 20.10.12  docker.io with backports/ZFS fixes
52 20.10.17  docker-ce
 1 20.10.18  docker-ce  <-- only this one suffers from the issue
 2 20.10.22  docker-ce