Container receives UDP data but not able to send UDP data?

Hello everyone, my host device is able to send UDP data on port 1202 to the docker container however i am not able to send UDP data out of the container to the Port 1000, i performed a wireshark capture to see if any packets were on port 1000 however there was nothing. Please can anyone help me with this?

this is my docker ps output:

9cd7a9eace6a   nodered/node-red:2.2.2-12   "npm --no-update-not…"   3 hours ago   Up 3 hours (healthy)>1000/udp,>1202/udp,>1880/tcp   mynodered20

This is the command i used to initiate the container at first place:

docker run -d --restart unless-stopped -p 1880:1880 -p 1202:1202/udp -p 1100:1100/udp -v node_red_aec:/data --name mynodered13 nodered/node-red:2.2.2

Thank you

What do you mean by “send UDP data out of the container to the port 1000”?
Published ports are just for ingress traffic not for egress traffic. Unicast UDP traffic should have no problems, though multicast UDP traffic won’t pass the docker bridge barrier.

1 Like

i am actually using a node-red flow where i am trying to send a data (a variable list) to a specific port, i am not able to see any output in UDP instance.
my goal is to receive data from that UDP node in that flow chart however i do not see any packet transmission on the port 1000, so wondering if there is anything i should configure on the docker container ?

You do use wireshark for the target ip and port, right? Outgoing connections will use random ephemeral ports.

i am just wondering what can i do to have an egress UDP traffic , so that i can send UDP data to a specific port (1000) here?

Docker does not apply egress restrictions…

1 Like

i am new to the docker, so basically i cannot transmit UDP traffic from the container right? or if i run docker container with --net=host, it would allow me to listen traffic from any UDP port and also would let me egress? please can you explain, i am not able to understand how container works in terms of port mapping and talking to the host device.

That’s quite the opposite of what I wrote :slight_smile: There is no restriction for outgoing unicast UDP or anything else.

It would make your container use the host’s network namespace, and as such behave like every other native process that runs on the host. This would solve multicast issues, but should not be necessary for unicast.

By default a container uses a bridge network.

To draw a simplified image: think of it as NAT that you know from your home internet router. A published ports are just porforwardings you would do in your internet router. The same way you are able to send UDP traffic to any public internet ip, you can send UDP traffic to any ip outside the container network the host is able to reach.

should i specify in my docker run command? the command i wrote on description above, i am successfully able to see data from port 1202 (on a node-red application), but from that node-red application (which is running on web page), i have drawn a flow to send data to port. And node-red is running on docker so i am really confused why i have no data no port 1000 and if you can tell me whether i should investigate more on that node-red side or it is something lacking on my docker command ? please let me know

Like I already wrote: docker does not restrict egress/outgoing traffic.

publishing a port like -p one-of-the-host-ips:host-port:container-port will bind the host-port to that specific host-ip, instead of binding the host-port to all ip’s. Thus said, I doubt that it’s more than a red herring.

Btw. those tow do not match:

Docker ps can and will not show>1000/udp without -p 1000:1000/udp, instead you have -p 1100:1100/udp, which is not listed in the shared docker ps output. Something is not adding up here.

I get the feeling, that you might be better off to ask the question in a node-red forum.

1 Like