"RTNETLINK answers: Operation not supported" when running traffic-control labs in MacOS

[marcelofernandez]

Hi!

I was preparing some traffic control labs for our students and I found this error when running any of the Traffic Control labs on Mac OS (M1/ARM64 architecture). This doesn't happen on a Linux/x86_64 host.

I think the containers should be given the --cap-add=NET_ADMIN parameter when running the docker run command to avoid this issue, but I'm not sure how to add/define it (nor either I know if it would fix it, anyway).

Could you help me on this one?

Thank you!

[marcelofernandez]

Ok, I read some bits of the source code, and it seems that those process capabilities are passed to the docker runner only when Kathara is being executed under privileged mode.

Then I was able to run the same lab with the --privileged parameter as root to be able to get those NET_ADMIN capabilities (among others), but the error still persists:

(Now the error message is RTNETLINK answers: Operation not supported) 🤷

So, I'm not sure how to fix this one... thank you!

[Skazza94]

Hi @marcelofernandez, thanks for the issue and the detailed troubleshooting.

We also managed to replicate the problem on Apple silicon.

Apparently, the Docker VM on Apple silicon does not have the netem kernel module enabled. We opened an issue in the Docker repository https://github.com/docker/for-mac/issues/7138 to notify the problem.

Let's see if they will enable the kernel module in future releases.

Just for completeness, netem is enabled in the Docker VM on Intel silicon.

We found this repository: https://github.com/lukaszlach/docker-tc which should bypass the limitation, but we did not test it and we do not know if it works on M1.

Mariano.

[Skazza94]

Hi @marcelofernandez, as you already read on the official Docker issue https://github.com/docker/for-mac/issues/7138, the problem has been fixed in 4.27.0.

I am closing this issue.

Mariano.

[marcelofernandez]

Thank you!