What IP address ranges are available to Docker when creating gateways, for example when using Compose files

Solution 1:

It seems that some "explanation" hides in that tiny piece of code:

var (
    // PredefinedLocalScopeDefaultNetworks contains a list of 31 IPv4 private networks with host size 16 and 12
    // (172.17-31.x.x/16, 192.168.x.x/20) which do not overlap with the networks in `PredefinedGlobalScopeDefaultNetworks`
    PredefinedLocalScopeDefaultNetworks []*net.IPNet
    // PredefinedGlobalScopeDefaultNetworks contains a list of 64K IPv4 private networks with host size 8
    // (10.x.x.x/24) which do not overlap with the networks in `PredefinedLocalScopeDefaultNetworks`
    PredefinedGlobalScopeDefaultNetworks []*net.IPNet
    mutex                                sync.Mutex
    localScopeDefaultNetworks            = []*NetworkToSplit{{"172.17.0.0/16", 16}, {"172.18.0.0/16", 16}, {"172.19.0.0/16", 16},
        {"172.20.0.0/14", 16}, {"172.24.0.0/14", 16}, {"172.28.0.0/14", 16},
        {"192.168.0.0/16", 20}}
    globalScopeDefaultNetworks = []*NetworkToSplit{{"10.0.0.0/8", 24}}
)

source: https://github.com/moby/libnetwork/blob/a79d3687931697244b8e03485bf7b2042f8ec6b6/ipamutils/utils.go#L10-L22

This is the best I could come up with, as I still haven't found any official documentation about this...

It also seems possible to force Docker to use a range of allowed subnets, by creating a /etc/docker/daemon.json file with, e.g., content such as:

 {
     "default-address-pools": [
         {"base": "172.16.0.0/16", "size": 24}
     ]
 }

One can also specify multiple address pools:

 {
     "default-address-pools": [
         {"base": "172.16.0.0/16", "size": 24},
         {"base": "xxx.xxx.xxx.xxx/yy", "size": zz} // <- additional pool can be stacked, if needed
     ]
 }

Don't forget to restart the docker service once you're done:

$ sudo service docker restart

More on this can be found here: https://capstonec.com/2019/10/18/configure-custom-cidr-ranges-in-docker-ee/
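
Added example (not part of the answer above and not libnetwork's own code): a Go sketch that expands {base, size} pools into the subnets Docker can hand out and reports which of them overlap a network already routed on the host. The names pool, split and conflicts are hypothetical, and 192.168.16.0/24 is a constructed sample network; the same functions accept the pools from a "default-address-pools" entry.

```go
package main

import (
	"fmt"
	"net/netip"
)

// pool is a {base, size} pair, as in NetworkToSplit and "default-address-pools".
type pool struct{ Base string; Size int }

// Local-scope defaults, copied from the libnetwork excerpt on this page.
var localDefaults = []pool{{"172.17.0.0/16", 16}, {"172.18.0.0/16", 16}, {"172.19.0.0/16", 16},
	{"172.20.0.0/14", 16}, {"172.24.0.0/14", 16}, {"172.28.0.0/14", 16}, {"192.168.0.0/16", 20}}

// split carves each IPv4 pool into consecutive subnets of prefix length Size
// (illustrative reimplementation; rejects malformed bases and sizes that do not fit).
func split(pools []pool) ([]netip.Prefix, error) {
	var out []netip.Prefix
	for _, p := range pools {
		base, err := netip.ParsePrefix(p.Base)
		if err != nil || !base.Addr().Is4() || p.Size < base.Bits() || p.Size > 32 {
			return nil, fmt.Errorf("invalid pool %q size %d (parse error: %v)", p.Base, p.Size, err)
		}
		b := base.Masked().Addr().As4()
		start := uint64(b[0])<<24 | uint64(b[1])<<16 | uint64(b[2])<<8 | uint64(b[3])
		n, step := uint64(1)<<uint(p.Size-base.Bits()), uint64(1)<<uint(32-p.Size)
		for i := uint64(0); i < n; i++ {
			a := start + i*step
			addr := netip.AddrFrom4([4]byte{byte(a >> 24), byte(a >> 16), byte(a >> 8), byte(a)})
			out = append(out, netip.PrefixFrom(addr, p.Size))
		}
	}
	return out, nil
}

// conflicts returns the candidate subnets that overlap an existing network (LAN, VPN route, ...).
func conflicts(subnets []netip.Prefix, existing string) (hits []netip.Prefix) {
	host := netip.MustParsePrefix(existing) // panics on malformed input
	for _, s := range subnets {
		if s.Overlaps(host) {
			hits = append(hits, s)
		}
	}
	return hits
}

func main() {
	subs, err := split(localDefaults)
	// 192.168.16.0/24 is a constructed example of a network already in use on the host.
	fmt.Println(len(subs), "subnets; overlapping 192.168.16.0/24:", conflicts(subs, "192.168.16.0/24"), err)
}
```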