Add option to make IPv6 ONLY network

[baude]

Feature request description

Right now, you cannot create an IPv6 only network via the command line.

Suggest potential solution

Let's add an option to make the network IPv6 only

Have you considered any alternatives?

Editing the config file is not much fun

Additional context

Add any other context or screenshots about the feature request here.

[Luap99]

How should this work on the cli level, a new --ipv6-only option?

[baude]

that works for me!

[rhatdan]

How about --ipv4=false --ipv6=true. Default both to be true.

[Luap99]

How about --ipv4=false --ipv6=true.

That looks better to me, at least make the cli more consistent. --ipv6 and --ipv6-only would likely be more confusing.

--ipv6 already exists and shouldn't default to to true, at least not as of today. There are still many things that this can break and I don't think we are ready to handle this. There is https://github.com/containers/podman/issues/19761 to track enabling ipv6 support by default but that will need a lot more testing first and is a breaking change so only a major version thing. In any case no relevant to this issue here.

[sbrivio-rh]

Right now, you cannot create an IPv6 only network via the command line.

By the way, while you don't create a custom network like that, podman run --net=pasta:-6 ... gives you a container with IPv4 disabled (pasta's option is -6 / --ipv6-only).

There is https://github.com/containers/podman/issues/19761 to track enabling ipv6 support by default but that will need a lot more testing first and is a breaking change so only a major version thing.

It actually looks enabled by default to me...? What's missing?

[Luap99]

We are talking about networks created with podman network create, pasta and slirp4netns are special in its own way. But yeah a default rootless container should be able to use ipv6 already.

[sbrivio-rh]

We are talking about networks created with podman network create

Yes yes, I just meant that with podman run it already kind of works.

But yeah a default rootless container should be able to use ipv6 already.

Ah, no, sorry, a DNS reachable over IPv6 is missing unless passed explicitly, and then there's this: https://github.com/containers/podman/blob/b8a684b64d77fc97b3b539dd5891319756c15c39/test/system/505-networking-pasta.bats#L446

Other than that,

$ podman run --dns 2606:4700:4700::1111 --net=pasta:-6 -it --rm alpine ping -c1 spaghetti.pizza
PING spaghetti.pizza (2606:4700:3037::ac43:c0d9): 56 data bytes
64 bytes from 2606:4700:3037::ac43:c0d9: seq=0 ttl=255 time=5.635 ms

[github-actions[bot]]

A friendly reminder that this issue had no activity for 30 days.

[omkarkhatavkar]

Any update on this feature?

[Luap99]

So I took a look to implement this, currenly it is possible to use podman network create --subnet <ipv6-subnet> to create a ipv6 only network. The only thing where it does not work is if you do not give any subnets, then podman always adds a ipv4 network even when --ipv6 is set.

So overall the logic seems very confusing, for the bridge driver it does:

1. no options -> ipv4 subnet
2. --ipv6 -> ipv4 and ipv6 subnet
3. --subnet <ipv4> -> ipv4 subnet
4. --subnet <ipv6> -> ipv6 subnet
5. --subnet <ipv6> --ipv6 -> ipv4 and ipv6 subnet (confusing and most likely should be considered a bug but I am not sure if we break anybody if we change this)

Basically the --ipv6 name is wrong and should really be dual stack at least the way it works right now.

I am in favour --ipv4=false --ipv6=true proposal above to generate a random ipv6 subnet and only use this but if we assume ipv4=true is the default then this would break case 4 so overall I don't see a quick an easy solution to implement this correctly without causing regressions.

[sanmai-NL]

Or rename ipv6 to dualstack?