Docker 101 : Basic containers networking
The "docker0" bridge interface gets a private IP address, usually 172.17.42.1.
When the containers are started they get an address in the range 172.17.42.0/24.
The container's interface:
The container's network interface connects to the bridge (docker_0) so it can use it as a gateway to connect to the host's network interface.
After the container starts running, it creates a pair of network interfaces.
One end of the interface lives in the network namespace of the container (eth0) and the other lives in the networking namespace of the host (veth_bridge) and is attached to the bridge docker0.
We can run the container (Debian in our case):
We find ourselves inside the container then we run:
The vethxxx interfaces are created on the host and are attached to the bridge docker0.
Bridge interfaces:
Displays all the bridge interfaces on the host.
NAT and Port Forwarding:
NAT (Network Address Translation): The interface on the host uses NAT. To display these rules, we use:
It maps the private address to the public address, by replacing the private address with the public address on outgoing queries, and it does the opposite when the response arrives.
Port Forwarding: Port Forwarding maps a port and an IP address to another port and IP address.
Comments