Docker Community Forums

Share and learn in the Docker community.

Default gateway : Where do teh packets go?


(Carel) #1

when one sets up a network in docker does the default gateway send packets to the host ? Is it possible to capture these packets in anyway and redirect them via IP tables or the linux IPRoute2 stuff ?

I’m asking this as I am presently playing with the Traefik/Nginx-Proxy container. The host machine hosts my main website, domain.tld, and I would like to have containers made available within docker exposed via subdomains as in sub.domain.tld. I need NginX on the host to split any *.domain.tld traffic to the Nginx-Proxy/Traeffic container while still serving domain.tld from the host. I think I can do this via IP-transparency in NginX but need to confirm this is the case by capturing the packets sent to the default gateway and forwarding them to NginX on the host.


(Carel) #2

What I’ve since figured out is that the network setup by docker will have the subnet 172.18.0.0/16. All traffic seems to exit via the default gateway 172.0.0.1 which is really the host machine.

If one binds the ports of the container to the a loopback host e.g. 127.0.0.2 then the packets returned to the client still seems to be passed through the 172.0.0.1 interface, which seems a bit weird. I setup the following in a default server block in NginX to try and work out where the traffic was routed from

location / {
  return 200 "<HTML>Hello from $hostname. You connected from $remote_addr:$remote_port to $server_addr:$server_port\n<HTML>";
  add_header Content-Type text/plain;
}

This would largely return the default gateway in the response for the $emote_addr.

I could not get IP-transparency working in the end via NginX. Either way my original question was vague and ill-defined. I came here to close the question more as note for myself as I doubt this will be useful to another user.
.