roqvist Posted December 13, 2022 Share Posted December 13, 2022 I'm having TLS issues in some containers and found MTU diff to be the problem. In my case a Wireguard interface `wg0` is configured, and containers using it always gets 1500 MTU (even though I set MTU to 1420 in settings). Is there a way to force a specific Docker network interface MTU? Creating a `/etc/docker/daemon.json` and adding MTU there seems to affect the default bridge connection. It would be nice to target only `wg0`, if possible. (As a workaround I'm currently running these containers as privileged, doing `ifconfig eth0 mtu 1420` after startup, which I'd like to avoid) Thanks, Quote Link to comment
ehrw Posted December 22, 2022 Share Posted December 22, 2022 Wondering the same thing. Currently have speed issues and my router sometimes drops the connection maxing out the port speed via VPN. Their support recommends to set my whole network to MTU 1420 which I ofc doesn't want. Less knowledge about this than the OP. What different ways could you set a custom MTU to a docker container? Is it possible to do it without without running it as privileged? Quote Link to comment
roqvist Posted December 25, 2022 Author Share Posted December 25, 2022 I'm no expert on this, but I believe the Unraid Wireguard settings translate to a `docker network create wg0 ...` somewhere. When a custom docker network is created I believe the MTU option must be passed as an option, like: `docker network create wg0 ... -o com.docker.network.driver.mtu=1420` (or whatever you have set in the Wireguard settings page) I'm guessing the existing MTU field currently only sets the `--mtu` option, and this only affects the default bridge network - not custom networks. This can be verified by checking what options the bridge gets, by running this command: `docker network inspect bridge`. This has `com.docker.network.driver.mtu` to the value you input in the Unraid settings. Now compare with the custom network (`wg0` in my case), which doesn't have any options at all: `docker network inspect wg0` I have not found a way to modify the MTU value after the network has been created, so I think the only work around right now is to adjust MTU from within the containers. This is not ideal since the `ifconfig` command (or similar) must exist in the container, and it must also run as privileged. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.