In my homelab, ipv6 has started causing some troubles.
Log
time=“2025-09-23T04:12:41Z” level=info msg=“Watchtower 1.7.1”
time=“2025-09-23T04:12:41Z” level=info msg=“Using no notifications”
time=“2025-09-23T04:12:41Z” level=info msg="Checking all containers (except explicitly disabled
with label)"
time=“2025-09-23T04:12:41Z” level=info msg=“Running a one time update.”
time=“2025-09-23T04:12:55Z” level=info msg=“Unable to update container \”/beszel\“: Error response from daemon: Get \“https://registry-1.docker.io/v2/\”: net/http: TLS handshake timeout. Proceeding to next.”
time=“2025-09-23T04:13:07Z” level=info msg=“Unable to update container \”/beszel-agent\": Error
response from daemon: Get \“https://registry-1.docker.io/v2/\”:
net/http: TLS handshake timeout. Proceeding to next."
This is fixed by disabling ipv6 systemwide.
sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1
sudo sysctl -w net.ipv6.conf.lo.disable_ipv6=1
I am disabling IPV6 to update docker containers and enabling them after.
When IPV6 is disabled, certain containers are not working - Linkding, 2fauth, etc.
Is there any solid fix? Have you encountered this problem? Did I fuck up configuring something? Please help (perplexity and chatgpt have given up on me, I hope that people on TE won’t)
You’re not alone - Docker + IPv6 glitches are common, especially with certain ISPs or network configs. Those TLS timeouts often mean IPv6 DNS or routing is broken somewhere upstream (common in India) even if your local config is fine. A safer fix is to force Docker to prefer IPv4 for pulls, rather than toggling IPv6 system-wide. Add "{"dns":["8.8.8.8"]}" to your /etc/docker/daemon.json or start Docker with --dns=8.8.8.8 to force IPv4 resolution. This should let you update containers without breaking IPv6-only apps. Hope this helps!
I had set it to IPV6 false. Changed to 8.8.8.8. now it’s working fine. Thank you so much @Shauvik_Kumar for the suggestion. I removed 8.8.4.4 because it was not working.