rootless-containers
rootless podman is not able to connect to the external ipv6 network
On Fedora 36 with the latest podman/slirp4netns podman-4.2.1-2.fc36.x86_64 slirp4netns-1.2.0-0.2.beta.0.fc36.x86_64 libslirp-4.6.1-3.fc36.x86_64
To make the containers reachable within the same host using ipv6 ip address, a custom podman ipv6 network is created using the command
podman network create test --ipv6
For containers attached to the "test" network, external ipv6 communication fails while ipv4 connection to the same external host works
Reproducer steps For Rootless container
- podman network create test --ipv6
- podman run -it registry.access.redhat.com/ubi8
Try to access an external httpd service which is running on a host that has ipv6 address as well
Current results
- Attaching to a custom network
- Starting a container by attaching to the test network
[test@atomic-test ~]$ podman run -it --network test registry.access.redhat.com/ubi8
- IPv6 fails while ipv4 works
[root@58542c3b602e /]# curl http://[2620:52:0:4a80:5054:ff:feeb:4fab] curl: (7) Failed to connect to 2620:52:0:4a80:5054:ff:feeb:4fab port 80: Network is unreachable
[root@58542c3b602e /]# curl http://192.168.122.120 test
- Without attaching to a custom network
external Ipv6 communication works
[test@atomic-test ~]$ podman run -it registry.access.redhat.com/ubi8 [root@b96375fd1fbe /]# curl http://[2620:52:0:4a80:5054:ff:feeb:4fab] test
Additional
We can see the slirp4netns is initialized properly with --enable-ipv6 flag
test 4785 0.0 0.0 4940 3116 pts/3 S 10:00 0:00 /usr/bin/slirp4netns --disable-host-loopback --mtu=65520 --enable-sandbox --enable-seccomp --enable-ipv6 -c -r 3 --netns-type=path /run/user/1001/netns/rootless-netns-aee53bca4df15e10fffc tap0
