Closed alexanderjordanbaker closed 4 years ago
I don't have ipv6 so can't even test
You're not going to have much luck with ipv6 in docker, i spent quite a bit of time on it and it just doesnt work right due to the nat nature of docker vs the no-nat nature of ipv6. When i finally got it working, packets using ipv6 experienced an added delay of up to 100ms that didn't exist at all with ipv4.
That said, if you can find a way to make it work properly, feel free to submit a PR. for now, this is not on the roadmap.
I don't have ipv6 so can't even test @aptalca
How long do you think you'd need access to ipv6? I can spin up an instance on ramnode and send it your way. Would a 1GB KVM VPS work?
It might be possible to just use network_mode: host
and have WireGuard configure IPv6 on the host. However, this adds a local CoreDNS instance, which might not be desireable on a client...
It would be really great to have IPV6 support in this docker. IPV4 is dying and many users don't get any routable IPV4 adresses anymore (esp. the smaller communial suppliers of fiber don't have enough IPV4s). As far as I understand, wireguard itself is capable of doing IPV6, it seems the config scripts in this image get confused if there is a IPV6 adress. At least that seems to explain some odd error messages like "Unable to parse IP address: `.2'" when tyring to start the container.
I'd also appreciate a solution for IPv6. If you can't support it, there should be at least an option to properly block it. If you add ::/0
to the allowed IPs IPv6 goes through the tunnel, but for example my package manager takes a lot longer to respond (about half a minute instead of instantly) since it waits for the IPv6 to timeout before switching to v4.
I don't think that is solved properly right now.
@aptalca @drizuid Are there any news on IPv6 Support? In it's current state it really is sadly not that useful as a docker container if even basic features like IPv6 don't work :(
it is highly improbable you will see any effort from us internally on the ipv6 front in the next couple of years. I'm pretty sure I am the only member with ipv6 on the team. You have multiple ways to make it work, nds or direct. It's not difficult if you understand networking and ipv6 subnetting. In terms of making it work in the container, just modify the configs as you need to, the config for ipv6 on the container is no different than on a host once you have ipv6 working for the bridge network in question.
I will add that directly adding ipv6 completely removes the latency added by nds. it's quite nice.
Just chiming in that, unlikely or not, I'd also really appreciate IPv6 support being baked in. I've been trying to get it configured manually and it's a headache.
there is nothing for us to do, setup ipv6 properly in a custom docker bridge and it works.. just follow the normal wireguard docs from there.
Is there any plan for adding IPv6 support to this in addition to the current IPv4?