Guest

Preview Tool

Cisco Bug: CSCvs67459 - Enable docker to work without --net=host

Last Modified

Sep 11, 2020

Products (1)

  • Cisco 8000 Series Routers

Known Affected Releases

7.3.1.BASE

Description (partial)

Release-note

Symptom:
With certain docker launch options traffic protection feature may not work correctly 
The vrf used with -v option while launching docker may not be available after reload.

Conditions:
Docker containers can be launched with several different network options.
1) By default,  without any options when docker is launched it will use the default docker bridge which is NATed
2) One pass an XR created VRF through -v option and use that VRF inside docker to send/received packets
     -v /var/run/netns/vrf-blue:/var/run/netns/vrf-blue
3) Docker can be made to use the host networking.
     --net host

If option 1) is used traffic protection doesn't work.
If option 2) is used traffic protection is fine, but there is a potential race condition because of which the vrf-blue may not be available when docker is launched after reload.
Option 3) doesn't have any restrictions
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.