I’m facing issue with ARP request/response from ubuntu container with windows platform as docker host.

The experimentation is performed with very basic setup.

The following network mode is available as part of docker desktop installation in windows.

D:\Docker\ubuntu>docker network ls
NETWORK ID     NAME      DRIVER    SCOPE
8375175c22dc   bridge    bridge    local
1b9942f6e958   host      host      local
f15c87f3e568   none      null      local

Pull latest ubuntu image (FROM ubuntu:latest) and start running it using docker run command

D:\Docker\ubuntu>docker run -i -t dockertest /bin/bash

root@4895113a218d:~#

The ubuntu container is running in bridge network mode and could see following interface available within container

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.2  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:ac:11:00:02  txqueuelen 0  (Ethernet)
        RX packets 4129  bytes 5898871 (5.8 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1674  bytes 95577 (95.5 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
    

I then installed nmap within ubuntu container and tried sending ARP request to one of the node in the local network using nping command. But, there is no response from that particular node (192.168.10.207) even through its accessible from windows host.

root@1fdc2acb5928:~# nping --arp-type ARP 192.168.10.207

Starting Nping 0.7.80 ( https://nmap.org/nping ) at 2022-03-21 12:39 UTC
SENT (0.0770s) ARP who has 192.168.10.207? Tell 172.17.0.2
SENT (1.0774s) ARP who has 192.168.10.207? Tell 172.17.0.2
SENT (2.0789s) ARP who has 192.168.10.207? Tell 172.17.0.2
SENT (3.0803s) ARP who has 192.168.10.207? Tell 172.17.0.2
SENT (4.0819s) ARP who has 192.168.10.207? Tell 172.17.0.2

Max rtt: N/A | Min rtt: N/A | Avg rtt: N/A
Raw packets sent: 5 (210B) | Rcvd: 0 (0B) | Lost: 5 (100.00%)
Nping done: 1 IP address pinged in 5.16 seconds

Alternatively, I tried with ping command and its working absolutely fine. May be its Layer 3 protocol.

root@1fdc2acb5928:~# ping 192.168.10.207

PING 192.168.10.207 (192.168.10.207) 56(84) bytes of data.
64 bytes from 192.168.10.207: icmp_seq=1 ttl=37 time=8.00 ms
64 bytes from 192.168.10.207: icmp_seq=2 ttl=37 time=5.79 ms
64 bytes from 192.168.10.207: icmp_seq=3 ttl=37 time=5.97 ms

System Configuration

• Docker Host: Windows 10
• Docker Image: ubuntu:latest
• Application used for ARP verification: nping (installed via nmap package)

Why ARP not working in ubuntu docker container with network mode selected as bridge? Does Layer 2 protocols has any issue in bridge network mode?

Can somebody help me to resolve this issue?

Hi @santhosh77

did you get any answer or solution from any other portal?

Thanks

In Docker’s bridge network mode on Windows, ARP requests may not work as expected because the container is in an isolated virtual network and doesn’t have direct Layer 2 access to the host network. Since ICMP (ping) works, it confirms that Layer 3 routing is functional. To resolve this, try using host network mode (--network host), configure macvlan for direct Layer 2 communication, or check if Windows firewall or Docker’s virtual network settings are blocking ARP traffic.

The context is the Docker Desktop utility vm, which is not bridged to host network via layer2.
If you need to perform layer2 operations, your only option is to use docker-ce either baremetal or on a vm that is attached to a bridge that works on layer2.