I’m running Docker Desktop for Windows, version 18.09.2.

I’m running my own BitWarden hosted setup and have exposed TCP ports 80 and 3012. My Hyper-V Manager shows the MobyLinuxVM with a single network interface on the DockerNAT virtual switch. The DockerNAT virtual switch is configured as an internal network connection type (allows connectivity between the host and the Hyper-V VM)

I installed WireShark on the host side and tried to capture traffic going to my exposed BitWarden container.

C:\Windows\system32>docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
XXXXXXXXXXXX mprasil/bitwarden:1.8.0 “/bin/sh -c ./bitwar…” 13 hours ago Up 13 hours 0.0.0.0:80->80/tcp, 0.0.0.0:3012->3012/tcp bitwarden

I selected the virtual Ethernet connection going to DockerNAT (Ethernet adapter vEthernet (DockerNAT)), but I didn’t see the traffic between my host and the container.

If I WireShark on the physical host NIC, I see the traffic, but the traffic is shown being sent to my physical host. I want to capture the packets as they flow to the container. If the Docker Desktop for Windows VM has a single NIC back to the DockerNAT virtual switch and WireShark doesn’t pick up the traffic destined to a container on the MobyLinuxVM, how does the traffic actually hit the container after it arrives at the physical host?

Is Docker Desktop doing some shared memory magic between the host and the MobyLinuxVM for exposed container ports?