(OK) can't modify the kernel IP routing table in the container

https://groups.google.com/forum/#!topic/docker-user/gFHoaKpr7no

Hi,

I tried to modify the the kernel IP routing table in the container, like set default gateway or add routing record, they both are not permitted like below:

[root@1a066a5779fe ~]# route add default gw 10.175.177.176

SIOCADDRT: Operation not permitted

[root@1a066a5779fe ~]# ip route add 10.175.177.176/29 dev eth1

RTNETLINK answers: Operation not permitted

[root@1a066a5779fe ~]# route add -net 10.175.177.176 netmask 255.255.255.248 gw 10.175.177.169 dev eth1

SIOCADDRT: Operation not permitted

anyone knows why? who has solution or work around here?

best regards.

--------------------------------------------------------------------------------------------------------------------------------------------

Panagiotis Moustafellos

kernel network capabilities are not enabled by default.

You are going to need to run your container with --privileged

--------------------------------------------------------------------------------------------------------------------------------------------

Solomon Hykes

Note that, in addition to the (heavy-handed) --privileged, you can also enable individual capabilities with --cap-add.

--------------------------------------------------------------------------------------------------------------------------------------------

hi Panagiostis,

that's true. I just tried to start container with '--priviledged=true', it's working now. thanks very much for your help.

best regards.

--------------------------------------------------------------------------------------------------------------------------------------------

hi Solomon,

thanks for your advise, i will take chance to try it.

best regards.