Configuring Docker to not use the 172.17.0.0 range

Due to problems with captive portals and the default Docker IP range I am trying to make Docker use the 198.18.0.0 range, instead of 172.17.0.0, which clashes with the captive portals used on the trains where I live.

Following the docs, I created /etc/docker/daemon.json, and put the following in it:

{
    "bip":"198.18.0.0/16"
}

This worked for docker0, but it seems to not have affected any of the other networks, and using docker compose the first network created is 172.17.0.0, which recreates the clash.

What can I do to change the default subnet for all docker networks (preferably without having to state my custom IP range in every compose file)?


Solution 1:

It is possible to redefine default range.

$ docker -v
Docker version 18.06.0-ce, build 0ffa825

Edit or create config file for docker daemon:

# nano /etc/docker/daemon.json

Add lines:

{
  "default-address-pools":
  [
    {"base":"10.10.0.0/16","size":24}
  ]
}

Restart dockerd:

# service docker restart

Check the result:

$ docker network create foo
$ docker network inspect foo | grep Subnet
                    "Subnet": "10.10.1.0/24"

It works for docker-compose too. More info here https://github.com/moby/moby/pull/29376 (merged)

Solution 2:

There are three places docker will generate network subnets.

  • The default bridge
  • User generated bridge networks
  • Swarm mode generated overlay networks

For the default bridge (called "bridge"), you can specify BIP (I believe that's Bridge IP; make sure it's a host IP, not a network IP) in the daemon.json file. And for user generated bridge networks you can define a subnet pool to pick from (assuming the user does not manually specify a subnet). For these two, your /etc/docker/daemon.json would look like:

{
  "bip": "10.200.0.1/24",
  "default-address-pools":[
    {"base":"10.201.0.0/16","size":24},
    {"base":"10.202.0.0/16","size":24}
  ]
}

Each address pool setting above defines a CIDR range and size of subnets to be allocated from that range. So the above defines two class B ranges that are allocated as class C networks (/24). You do need at least 18.06 for the default address pools. You will need to reload the docker daemon for this change to apply (systemctl reload docker). And this change will only modify newly created user networks, so you'll need to stop containers and delete existing networks in the wrong range.


In 18.09, Docker added the ability to specify the address range for swarm mode generated overlay networks. This can only be done at the time of swarm creation right now, hopefully that will be updated in the future to allow docker swarm update to adjust these pools:

$ docker swarm init \
  --default-addr-pool 10.202.0.0/16 \
  --default-addr-pool 10.203.0.0/16 \
  --default-addr-pool-mask-length 24

Solution 3:

I use Docker Desktop in a Windows operating system and I tried to change the default Bridge IP.

Docker throws an error and asked me to reset the settings every time I tried to change just the bip in the settings.

This worked: (have to dive deep and understand how it works)

{
  "bip": "192.168.1.5/24", 
  "fixed-cidr": "192.168.1.5/25", 
  "default-address-pools":[
      { "base":"192.168.2.5/24", "size":28 }
  ]
}

Solution 4:

Configure the default bridge network: "… To configure the default bridge network, you specify options in daemon.json. Here is an example daemon.json with several options specified. Only specify the settings you need to customize. …"

With compose: Specify custom networks: "… Instead of just using the default app network, you can specify your own networks with the top-level networks key. This lets you create more complex topologies and specify custom network drivers and options. You can also use it to connect services to externally-created networks which aren’t managed by Compose. …"