Skip to content

gvisor-tap-vsock port driver does not propagate the src IP #573

Open
Open
gvisor-tap-vsock port driver does not propagate the src IP#573
Labels
bugSomething isn't working
Milestone
v4.0.0 maybe
@AkihiroSuda

Description

@AkihiroSuda
AkihiroSuda
opened on Apr 7, 2026
CONTAINERD_ROOTLESS_ROOTLESSKIT_NET=gvisor-tap-vsock \
CONTAINERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER=gvisor-tap-vsock \
containerd-rootless.sh 

nerdctl run -d -p 8080:80 nginx:alpine
curl HOST_IP:8080
nerdctl logs nginx

When the port driver is set to gvisor-tap-vsock, the source IP is always set to 10.0.2.1.
The correct IP is propagated when the port driver is set to builtin or slirp4netns (w/ NET=slirp4netns too).

@fahedouch
Is this behavior expected?

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions