Hi everyone,
I'm encountering a puzzling issue where Docker builds are severely impacted when Surge is running, even though the affected traffic should be going through DIRECT.
Environment
Surge version: Version 6.3.0 (8560)
OS: 26.0 (25A354); same for the previous macOS version. I just tested it today with macOS 26.
Docker Desktop version: 4.44.3 (202357)
Problem Description
When building a Docker image with the following step:
RUN apt-get update -q \
    && apt-get install -yq --no-install-recommends \
        libreoffice \
        pdftk-java \
        fontconfig
With Surge ON (either Proxy or Proxy+Enhanced mode):
The apt-get operations run extremely slowly
Eventually fail with timeout errors like:
258.2 Unable to connect to archive.ubuntu.com:80: [IP: 198.18.11.176 80]
With Surge OFF:
The same build completes quickly without any errors
No connection issues whatsoever
What I've Verified
Rule matching: I've checked the Surge Dashboard during the build - all related Ubuntu URLs are indeed matching my DIRECT rule and showing as DIRECT in the request list
I don't observe similar slowdowns with other applications or services
Consistent reproduction: This happens 100% of the time with Surge on, and never happens with Surge off
The Mystery
Since the traffic is going through DIRECT according to Surge, I don't understand why there's any difference in behavior when Surge is enabled vs disabled. In theory, DIRECT should bypass Surge's processing entirely, right?
Questions
Has anyone else experienced similar issues with Docker builds while Surge is running?
Could there be some interaction between Surge's TUN/Enhanced Mode and Docker's bridge networking?
Why would DIRECT traffic still be affected by Surge being enabled?
Any insights or suggestions would be greatly appreciated. Happy to provide additional logs or configuration details if needed.
Thanks!