Synology NAS: unable to detect hairpin mode (is the docker daemon running?)

[magnific0]

I'm trying to run docker-ipv6nat as part of Mailcow dockerized on my Synology NAS DS918+. This particular docker keeps on restarting and reporting:

unable to detect hairpin mode (is the docker daemon running?)

All the other Mailcow dockers and several others run fine. I am sure this is something Synology related. I have attached system related information below. I'm not so familiar with docker and the purpose of this package in relation to mailcow dockerized, but I want to figure out what's going wrong here.

Please let me know what kind of tests I can perform to gather more information. Thanks!

$ docker -v
Docker version 17.05.0-ce, build 9f07f0e-synology
$ docker-compose -v
docker-compose version 1.14.0, build c7bdf9e
$ iptables -V
iptables v1.6.0
$ uname -a
Linux shardik 4.4.59+ #23824 SMP PREEMPT Tue Dec 25 18:27:56 CST 2018 x86_64 GNU/Linux synology_apollolake_918+

[robbertkl]

Hi @magnific0, is IPv6 enabled on the machine and docker daemon and container? Can you try running ip6tables-save on either the host or from within the container?

[magnific0]

Hi @robbertkl, thanks for the quick reply. ipv6 is enabled and ip6tables-save gives me no output on the host. The container keeps on restarting, so I have no idea on how to access that. I have noticed from the docker-compose.yml file that ipv6nat is in network_mode: "host". Querying the networks, I get:

$ sudo docker network ls
NETWORK ID          NAME                                DRIVER              SCOPE
e0b6bc977eb1        bridge                              bridge              local
41be0e056714        host                                host                local
faeb5eb03584        mailcowdockerized_mailcow-network   bridge              local
e3f05e0201ce        none                                null                local
$ sudo docker inspect host
[
    {
        "Name": "host",
        "Id": "41be0e05671432d94d8289a90c9227828682f0716e47219115f2007224db0ab0",
        "Created": "2019-01-12T09:22:10.414175838+01:00",
        "Scope": "local",
        "Driver": "host",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": []
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "Containers": {
            "207151bfe3d68c2a50594d100a0149170fa30dbe15dcbe430d0c888dca154516": {
                "Name": "mailcowdockerized_netfilter-mailcow_1",
                "EndpointID": "f8c7304898954fdeab94367228c2ee471b69c1a8da4b966abacf05dfe84bc83a",
                "MacAddress": "",
                "IPv4Address": "",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }
]

So I guess that "EnableIPv6": false, is not looking good here. I'll look into ways to enable ipv6 on the host network.

[magnific0]

I just checked it out and enabling ipv6 is not a straight-forward task. When following official instructions, the docker daemon refuses to start. I'll try to read more up on the issue. But the problem is clearly with my hardware, so I'm closing the issue. Thanks again for your input.

[robbertkl]

Yeah, the Docker daemon needs to have IPv6 enabled, which can be done in multiple ways depending on your linux distribution. Sometimes there's a configuration file, sometimes you can set command line flags for the daemon in some file. Good luck!