Docker Community Forums

Share and learn in the Docker community.

Cannot access container via external IP but can access via host IP with port

Hi

I’ve created a fresh ubuntu host with the latest docker version installed on it. But it seems I cannot work how to access nginx containers (using them for testing purpose only) that are created in the default bridge network via their assigned IP but I can access them via the host machine IP with local port.

Example: my nginx has IP 172.50.5.3 with ports: 32772:443 32773:80 . When I try to open it in the browser I get connection timed out. But when I type 192.168.200.15:32773 it works. I’ve checked - nginx has network access (ping to 8.8.8.8 works) so it seems for me that something is restricting the traffic to the bridge network.

I’ve changed the default bridge network IP via deamon.json file (the file only contains this line): “bip”:“172.50.5.1/24” (reload, restart without any issues).

ifconfig shows for the docker0 interface:
docker0: inet 172.50.5.1 netmask 255.255.255.0 broadcast 172.50.5.255

My network admin said he added the necessary routes on our local gateway, I also have a second /24 network dedicated for this host - 172.50.50.0/24 (nginx in that network works without problems on bothj 172,x and 192.x:port addresses). Both networks have internal: false while using docker network inspect.

Am I missing something in the configuration or I need to harass my network admin to verify if he really did setup the routes correctly?

Server info:
Ubuntu 20.04.1 LTS
Docker version 19.03.13

I am afraid you are mixing up things. I assume your host has the static ip 192.168.20.15 and your container in your example had the ip 172.50.5.3. You did published container port 80 to host port 32773 and container port 443 to host port 32772. So far corrrect?

If you try to access a containerized service by the container ip, chances are high you are doing something not indended to be used like that. For container to container communication: use the container or service name. For outside to container communication: use the host ip or name and the host port of the published container port.

I am completly unsure why you try to do what you do, but It feels like it wouldn’t do harm to learn more about how docker works and is supposed to be used: there is a faboulus free self paced docker training you might want to take a look at.

1 Like