close
Skip to content

Respect icc option for internal networks#1525

Merged
sanimej merged 1 commit into
moby:masterfrom
aboch:icc
Nov 2, 2016
Merged

Respect icc option for internal networks#1525
sanimej merged 1 commit into
moby:masterfrom
aboch:icc

Conversation

@aboch

@aboch aboch commented Oct 28, 2016

Copy link
Copy Markdown
Contributor

Related to moby/moby#26724

$ docker network create --opt com.docker.network.bridge.enable_icc=false --internal nicc
a13d820de6c06810fa2797853faba7793bdf135f097c137fddd9c188b67ba1b3
$ 
$ docker run -d --name c1 --network nicc busybox top
fcbb2b8db5a54f64f99c68856a18a626e9fa00af4f3ce63aa1ff8cb875520d3b
$ docker run -d --name c2 --network nicc busybox top
89307983319a362170fb0922ad92444f7f3572b343699151e805d81beabccc7c
$ docker exec c1 ping -c 2 c2
^C
$ sudo iptables -nvL FORWARD
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    2   168 DOCKER-ISOLATION  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 DOCKER     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  docker0 docker0  0.0.0.0/0            0.0.0.0/0           
    2   168 DROP       all  --  br-a13d820de6c0 br-a13d820de6c0  0.0.0.0/0            0.0.0.0/0           <-- <--
$

Signed-off-by: Alessandro Boch aboch@docker.com

@aboch
Respect icc option for internal networks
59d91e5 
Signed-off-by: Alessandro Boch <aboch@docker.com>
@mrjana

mrjana commented Nov 2, 2016

Copy link
Copy Markdown
Contributor

LGTM

1 similar comment
@sanimej

sanimej commented Nov 2, 2016

Copy link
Copy Markdown

LGTM

@sanimej sanimej merged commit bac1f2f into moby:master Nov 2, 2016
@aboch aboch deleted the icc branch November 16, 2016 18:21
@diekmann diekmann mentioned this pull request Dec 5, 2016
Closed
@aboch aboch mentioned this pull request Dec 5, 2016
Merged
@vincentwoo vincentwoo mentioned this pull request Dec 13, 2016
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

status/2-needs-code-review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@aboch @mrjana @sanimej @GordonTheTurtle