Description
I'm maintaining a docker network plugin called DockerCAN, used to create CAN networks. In Docker v29, there is problems when using it together with a normal bridged network.
The error I get is in the form:
docker: Error response from daemon: failed to set up container networking: updating external connectivity for IPv4 endpoint 11d837533a2d: driver failed programming external connectivity on endpoint gateway_c1b3df5e1679 (11d837533a2d6aa83bf1f38f8e76c3dff2e213f1a237c46a14901a153e6f202e): endpoint not found: 11d837533a2d6aa83bf1f38f8e76c3dff2e213f1a237c46a14901a153e6f202e
This error message is referring to the bridged network, not the CAN network. The DockerCAN plugin doesn't generate any errors or anything suspicious and receives the callbacks as expected.
The CAN networks are not using IP at all, neither v4 nor v6.
Some notes:
- It only happens when I use both an ip-based network together with one or more CAN networks. Just CAN or just bridge works fine.
- I've tried it on both x86 and arm architectures.
- It works fine in Docker v28.
- The error happens often, but not always.
- If I create the container first and assign the networks one by one, it seems to work.
- The instructions run alpine, but I've tried it with other images as well.
Reproduce
There is a repo with instructions here: https://github.com/remotivelabs/docker_bug_repro. But I'll add them here as well:
Install the DockerCAN plugin, only available for Linux
First install can-utils.
sudo apt install can-utils
Download the latest version of DockerCAN from https://releases.remotivelabs.com/#docker_can/
mkdir dockercan
tar xvf dockercan-VERSION.tar.gz -C dockercan
cd dockercan
make
cd ..
rm -rf dockercan
Now we can run things:
- Create the bridge network:
docker network create my_net
- Create the CAN network:
docker network create --ipv6=false --ipv4=false --driver=docker_can --opt vxcan.dev=mycan0 --opt vxcan.peer=mycan0 my_can
- Run the container with the networks:
docker run --name alpine --network my_net --network my_can --tty alpine echo hello
Expected behavior
Bringing the container up should work without errors.
docker version
Client: Docker Engine - Community
Version: 29.0.0
API version: 1.52
Go version: go1.25.4
Git commit: 3d4129b
Built: Mon Nov 10 21:47:17 2025
OS/Arch: linux/arm64
Context: default
Server: Docker Engine - Community
Engine:
Version: 29.0.0
API version: 1.52 (minimum version 1.44)
Go version: go1.25.4
Git commit: d105562
Built: Mon Nov 10 21:47:17 2025
OS/Arch: linux/arm64
Experimental: false
containerd:
Version: v2.1.5
GitCommit: fcd43222d6b07379a4be9786bda52438f0dd16a1
runc:
Version: 1.3.3
GitCommit: v1.3.3-0-gd842d771
docker-init:
Version: 0.19.0
GitCommit: de40ad0
docker info
Client: Docker Engine - Community
Version: 29.0.0
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.29.1
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.40.3
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
Containers: 1
Running: 0
Paused: 0
Stopped: 1
Images: 36
Server Version: 29.0.0
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge docker_can host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
CDI spec directories:
/etc/cdi
/var/run/cdi
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: fcd43222d6b07379a4be9786bda52438f0dd16a1
runc version: v1.3.3-0-gd842d771
init version: de40ad0
Security Options:
apparmor
seccomp
Profile: builtin
cgroupns
Kernel Version: 6.8.0-85-generic
Operating System: Ubuntu 24.04.1 LTS
OSType: linux
Architecture: aarch64
CPUs: 2
Total Memory: 3.814GiB
Name: remotive
ID: c50f49f1-ab3a-41a3-8442-191735ac2eaa
Docker Root Dir: /var/lib/docker
Debug Mode: true
File Descriptors: 25
Goroutines: 48
System Time: 2025-11-14T10:17:06.510963564Z
EventsListeners: 0
Experimental: false
Insecure Registries:
127.0.0.0/8
::1/128
Live Restore Enabled: false
Default Address Pools:
Base: 172.16.0.0/12, Size: 20
Base: 192.168.0.0/16, Size: 24
Firewall Backend: iptablesAdditional Info
No response
Description
I'm maintaining a docker network plugin called DockerCAN, used to create CAN networks. In Docker v29, there is problems when using it together with a normal bridged network.
The error I get is in the form:
This error message is referring to the bridged network, not the CAN network. The DockerCAN plugin doesn't generate any errors or anything suspicious and receives the callbacks as expected.
The CAN networks are not using IP at all, neither v4 nor v6.
Some notes:
Reproduce
There is a repo with instructions here: https://github.com/remotivelabs/docker_bug_repro. But I'll add them here as well:
Install the DockerCAN plugin, only available for Linux
First install
can-utils.Download the latest version of DockerCAN from https://releases.remotivelabs.com/#docker_can/
Now we can run things:
docker network create my_netdocker network create --ipv6=false --ipv4=false --driver=docker_can --opt vxcan.dev=mycan0 --opt vxcan.peer=mycan0 my_candocker run --name alpine --network my_net --network my_can --tty alpine echo helloExpected behavior
Bringing the container up should work without errors.
docker version
Client: Docker Engine - Community Version: 29.0.0 API version: 1.52 Go version: go1.25.4 Git commit: 3d4129b Built: Mon Nov 10 21:47:17 2025 OS/Arch: linux/arm64 Context: default Server: Docker Engine - Community Engine: Version: 29.0.0 API version: 1.52 (minimum version 1.44) Go version: go1.25.4 Git commit: d105562 Built: Mon Nov 10 21:47:17 2025 OS/Arch: linux/arm64 Experimental: false containerd: Version: v2.1.5 GitCommit: fcd43222d6b07379a4be9786bda52438f0dd16a1 runc: Version: 1.3.3 GitCommit: v1.3.3-0-gd842d771 docker-init: Version: 0.19.0 GitCommit: de40ad0docker info
Additional Info
No response