Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Syn flood and net.ipv4.tcp_syncookies

Tags:

docker

I am trying to configure a Docker container, running tengine on Ubuntu 14, to use syncookies. However I am facing some issues.

The host has net.ipv4.tcp_syncookies=1 enabled and syncookies work directly on the host. But the container on the same host does not use syncookies.

Does anyone know a way of getting the container to use syncookies?

Thanks in advance :).

like image 628
rudkjobing Avatar asked Aug 07 '15 10:08

rudkjobing

1 Answers

I suspect the default bridge will be missing a lot of customizations you make on the host network interface. Bypass the bridge completely and attach the container directly to the host network (not a good general practice, but your use case is atypical) with a:

docker run --network host ...
like image 171
BMitch Avatar answered Nov 20 '22 00:11

BMitch
Sign in to Comment

Related questions

EB: Automatically deploy new Docker image build from Docker Hub
"tag latest not found" on docker pull with private registry
Docker hub image cache doesn't seem to be working
How to access "http://localhost" from a Docker container in Windows?
Gitlab runner + autoscaling + scaled runner options
Clone an image from a docker registry to another
How to create sound devices for debian in docker?
How do I change the save location of docker containers logs?
Docker - How to delete image from a private registry
Increase docker pull timeout
Kubernetes LoadBalancer Service returning empty response
Docker build command hangs in WSL 2 Ubuntu 18.04
Push multiple docker images to manifest without tags
Deploy Docker Container with Compose & Github Actions
Deploy to elasticbeanstalk via CLI deploy command with Dockerrun.aws.json
How to access Weave DNS-Server from external?
docker-compose v3: sharing bind-mounted volume between multiple containers with top-level volumes syntax
Using minikube with --driver=docker fails to forward from localhost to minikube internal address
Deploy-time commands inside Docker on Elastic Beanstalk

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!