IPv4 forwarding is disabled. Networking will not work

How to Resolve Docker WARNING: IPv4 forwarding is disabled. Networking will not work.

If you have freshly deployed Docker for testing and learning purpose, you might get this error while trying to launch a Docker container. The main cause of this issue is that IP forwarding is not enabled in the host running your container, so a simple solution would be to enable this settings in the sysctl config file of your server. It is worth noting though, that this procedure alone might not work all the time, and many suggested workarounds to this issue were to do some cleaning, by removing all your existing containers and private networks in your Docker host.

In my case I was playing with Docker installed on CentOS 7 in a nested development environment, so doing so was not a big deal for me. Obviously, you might think twice if you have to do it in a production box.

The error looks like this while trying to spin off your container, and this basically means that you will not be able to access Internet from your container or make it communicate with your host or other containers, because such kind of communication relies on IP forwarding to work.

$ docker run --rm --name server -p 5679:5679 -ti ubuntu:14.04 bash
WARNING: IPv4 forwarding is disabled. Networking will not work.

The resolution steps to follow are:

• Enable IP forwarding permanently

# sudo echo net.ipv4.ip_forward=1 >> /etc/sysctl.d/enable-ip-forward.conf
或者	$ echo net.ipv4.ip_forward=1 >> /etc/sysctl.conf

• Restart Network Service

$ sudo systemctl restart network

After IP forwarding is enabled, you should be able to run your container. If the error is still there, you might want to proceed the hard way by doing some cleaning.

• Remove all existing containers

$ docker rm -f $(docker ps -aq)

• Remove all of existing networks

$ docker network rm $(docker network ls -q)

• Remove Docker networking metadata

$ docker run --rm -v /var/lib/docker/network/files:/network busybox rm /network/local-kv.db

• Restart Docker service

$ systemctl restart docker.service

After going through these steps, I was able to run my container without any issue

$ docker run --rm --name server -p 1234:1234 -p 5678:5678 -ti ubuntu:14.04 [email protected]:/#

Cleaning all containers does not sounds like a good idea, and I agree. That’s why before spinning-off any container on a newly installed Docker host, make sure the sure the IP forwarding is enabled. If you’re using a nested environment for your Docker learning purpose, this will let you focusing more on your Docker testing than exploring the different ways to troubleshoot a non supported environment.

docker network create somenetwork
docker run -d --name elasticsearch --net somenetwork -p 9200:9200 -p 9300:9300 -e "ES_JAVA_OPTS=-Xms256m -Xmx256m" -e "discovery.type=single-node" elasticsearch:tag
netstat -ntple
lsof -i -n
tcpdump -i dnsbr0 -n host "192.168.193.170"