Docker Community Forums

Share and learn in the Docker community.

Cannot access docker internal network from the host


(Alirazmjoo) #1

Hello everyone,

I’ve created a container with my customized network (named internet) which has access to the internet. then I installed my packages and run the ssh server, I could easily access the container using the 127.0.0.1:22 (I used -p 22:22) but the problem is after I install my packages I would like to disconnect the machine from the internet and use “no_internet” network, but when I want to reconnect to 127.0.0.1:22 I am getting connection refused! it seems it’s not accessible by the host!

C:\Users\myuser>docker network disconnect bridge test

C:\Users\myuser>docker network connect internet test

C:\Users\myuser>ssh root@127.0.0.1
The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:1+PgH8ufz/6AshCvHBDTWoKSyAxT+622wI/F2IBs5/E.
Are you sure you want to continue connecting (yes/no)?

C:\Users\myuser>docker network disconnect internet test

C:\Users\myuser>docker network connect no_internet test

C:\Users\myuser>ssh root@127.0.0.1
ssh: connect to host 127.0.0.1 port 22: Connection refused
  • I used this command to create the “internet” network.
docker network create internet  --opt com.docker.network.bridge.enable_icc=true --opt com.docker.network.bridge.enable_ip_masquerade=true --opt com.docker.network.bridge.host_binding_ipv4=0.0.0.0 --opt com.docker.network.driver.mtu=1500
  • I used this command to create “no_internet” network.
docker network create --internal no_internet  --opt com.docker.network.bridge.enable_icc=true --opt com.docker.network.bridge.enable_ip_masquerade=true --opt com.docker.network.bridge.host_binding_ipv4=0.0.0.0 --opt com.docker.network.driver.mtu=1500
  • I restart the ssh service to check if it fixes it but it didn’t!

a simple solution

I can create a virtual machine and connect both internet and internal network into it, then use the port forwarding with iptables to access the internal network!

1- sshserver = 172.0.0.2:22 (internal)
2- machine = 172.0.0.3, 173.0.0.2 (internal, internet)
3- host = 173.0.0.1:22->173.0.0.2:22->173.0.0.3:22->172.0.0.2:22(internet, internet, internal, internal)

but this solution is odd, maybe someone with more docker knowledge could help?

Best Regards.