Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Docker daemon MTU not used when creating a new bridge network #34981

Closed
tbouvet opened this issue Sep 26, 2017 · 18 comments · Fixed by #43197
Closed

Docker daemon MTU not used when creating a new bridge network #34981

tbouvet opened this issue Sep 26, 2017 · 18 comments · Fixed by #43197

Comments

@tbouvet
Copy link

tbouvet commented Sep 26, 2017

Description
I configure the /etc/docker/daemon.json with the "mtu" parameter to 1450.
Default bridge is ok with mtu=1450.
But when a new bridge network is created (either docker network create or docker-compose), the mtu parameter is false. It's always 1500.

Steps to reproduce the issue:

  1. Add "mtu": 1450 to /etc/docker/daemon.json
  2. Restart docker daemon
  3. Create a new bridge : docker network create my-net

Describe the results you received:
my-net MTU = 1500

Describe the results you expected:
my-net MTU = 1450

Output of docker version:

Client:
 Version:      17.06.2-ce
 API version:  1.30
 Go version:   go1.8.3
 Git commit:   cec0b72
 Built:        Tue Sep  5 20:00:17 2017
 OS/Arch:      linux/amd64

Server:
 Version:      17.06.2-ce
 API version:  1.30 (minimum version 1.12)
 Go version:   go1.8.3
 Git commit:   cec0b72
 Built:        Tue Sep  5 19:59:11 2017
 OS/Arch:      linux/amd64
 Experimental: false

Output of docker info:

Containers: 4
 Running: 1
 Paused: 0
 Stopped: 3
Images: 41
Server Version: 17.06.2-ce
Storage Driver: aufs
 Root Dir: /var/lib/docker/100000.100000/aufs
 Backing Filesystem: extfs
 Dirs: 163
 Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 6e23458c129b551d5c9871e5174f6b1b7f6d1170
runc version: 810190ceaa507aa2727d7ae6f4790c76ec150bd2
init version: 949e6fa
Security Options:
 apparmor
 seccomp
  Profile: default
 userns
Kernel Version: 4.4.0-93-generic
Operating System: Ubuntu 16.04.3 LTS
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 15.67GiB
Name: test-vm-04
ID: OZSP:AWLJ:HAPO:CZD6:NNLX:YDIT:LGWR:RMEI:P4SK:SBY4:2RAT:5YIK
Docker Root Dir: /var/lib/docker/100000.100000
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: true
@thaJeztah
Copy link
Member

If I'm not mistaken, the --mtu option is indeed only for the default bridge network (because that network cannot be customised using docker network create), for custom networks, the options can be passed through the com.docker.network.xyz options, as described here: https://docs.docker.com/engine/userguide/networking/work-with-networks/

I do see this is not being mentioned in the documentation (i.e., the "equivalent" does not mention that applies to the default bridge network), also we should update the dockerd flag descriptions for those flags that only apply to the default network.

ping @mstanleyjones @mavenugo perhaps you're able to help pointing out which options only apply to the default bridge network

@tbouvet
Copy link
Author

tbouvet commented Sep 26, 2017

@thaJeztah I'm ok with your remark but the problem is when you have an openstack environment, all networks should have a mtu=1450.
I think if we can have an default option for MTU when we are created a network, it could be very appreciate. If default MTU change, a stop/start for the network without update the configuration should be better.

@niwatolli3
Copy link

niwatolli3 commented Oct 14, 2017

I faced the same situation on openstack instance.
When I run curl to specific page, i cannot get GET responce.Hence I used tcpdump for debug, I found the MTU should be 1450.
So, I added /etc/docker/daemon.json ({"mtu": 1450}), then restart docker.service, but the http get doesn't works properly.

@niwatolli3
Copy link

👍

@thaJeztah
Copy link
Member

Have you reported an issue with the openstack maintainers?

@tbouvet
Copy link
Author

tbouvet commented Oct 16, 2017

I think it's not an openstack problem.
If a host has a MTU < 1500, docker should detect the size and adapt the data packets.

@thaJeztah
Copy link
Member

Auto-detecting MTU was removed at some point, because it would still be hit-and-miss, and cause issues in various situations; see #18108

@tbouvet
Copy link
Author

tbouvet commented Oct 16, 2017

Ok I understand the reasons but in this case, is it possible to add a parameter to configure by default all containers with a default MTU. Otherwise, we have to add it on each docker run or docker-compose ?

@niwatolli3
Copy link

niwatolli3 commented Oct 16, 2017

I think it's not an openstack problem.

Yes, I wanna change MTU of NIC which is created and used by docker.

@agxs
Copy link

agxs commented Nov 9, 2017

We're running OpenStack(which is using VXLan) and we have to explicitly set the MTU for all overlay networks that are created.

It would be useful to have an option to set the default MTU for all networks as right now using some else's compose file doesn't work without modifications.

@mdlinville
Copy link
Contributor

Hi @agxs , does --mtu option to dockerd not do what you want? You can also set it in the daemon.json (recommended) as:

...
mtu: "1500",
...

@agxs
Copy link

agxs commented Nov 10, 2017

@mistyhacks that doesn't affect swarm networks. Sorry if I wasn't clear.

@mdlinville
Copy link
Contributor

That's surprising and I wonder if that is a bug. @aaronlehmann @stevvooe 🙏

@thaJeztah
Copy link
Member

@mistyhacks no, it's not a bug, the --mtu option is only for the default bridge network (both because it predates the "custom networks", and because that one cannot be modified manually);

Custom networks and overlay networks can have a custom MTU defined on a per-network basis (through the com.docker.network.driver.mtu option).

@thaJeztah thaJeztah added this to Networking in maintainers-session Nov 14, 2017
@tbouvet
Copy link
Author

tbouvet commented Nov 22, 2017

@thaJeztah I understand but when you use Openstack (for example) you have to put a custom MTU for each network you want to create. So you have to update all docker-compose files.
And if openstack change the MTU, all your containers will be KO. So you have to update all your docker-compose and restart again. It's difficult and dangerous in production environment.

So it would be useful to have an option to set the default MTU for all networks as right now using some else's compose file doesn't work without modifications.

@agxs
Copy link

agxs commented Dec 4, 2017

I just realised that you can specify multiple compose files to a docker-compose command, so that makes things easier when overriding network settings and saves having to modify the original file.

@gboddin
Copy link

gboddin commented Aug 9, 2021

Maybe I'll try again.

Can we set default configurations for network drivers when docker starts instead of asking the world to rewrite their recipe/compose file ?

Astonishing the number of easy fixes to improve way of life that are simply ignored for multiple years.

@FalconerTC
Copy link

Would really love to see this feature!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
maintainers-session
  
Networking
Development

Successfully merging a pull request may close this issue.

8 participants