Defined static network is overridden by host machine public ipv4?

Docker Engine Compose
1

Hello, I’m running a tcp server in docker. I can access it with the host machine’s public ipv4, but because that’s dynamic it’s changing all the time I assigned a static IP to docker to reach it at 172.21.128.2:4243. Unfortunately I can’t access the defined ipv4 off the host machine.

docker-compose:

networks:
  static-network:
    ipam:
      config:
        - subnet: 172.21.0.0/16
services:
  reticulumtcp:
    build:
        dockerfile_inline: |
          FROM node:lts-alpine
          ENV PYTHONUNBUFFERED=1
          #install pip then rns if pip successfully installed
          RUN apk add --update --no-cache python3 py3-pip && pip install --break-system-packages rns
          ENTRYPOINT ["rnsd", "--verbose"]
    networks:
      static-network:
        ipv4_address: 172.21.128.2
    ports:
      - 4243:4243 #tcp server for reticulum
    init: true
    tty: true #to keep it running
    container_name: "reticulumtcp"
    configs:
      - source: config2
        target: /root/.reticulum/config
    restart: unless-stopped
configs:
  config2:
    content: |
        [reticulum]
        enable_transport = True
        share_instance = Yes
        loglevel = 4
        [interfaces]
        [[Default Interface]]
            type = AutoInterface
            enabled = Yes
        [[tcp server]]
            type = TCPServerInterface
            mode = gateway
            enabled = yes
            listen_ip = 0.0.0.0
            listen_port = 4243

on both host machine and from the docker when I run wget -qO - ifconfig.me I get the host’s IP in the 149.XX.XXX.XX range. I expected 172.21.128.2 as the result. Any idea where I went wrong?

2

You assign a private IP to your server and expect it to be reachable by that via Internet? That’s not how it works.

To be reachable via Internet, you need a public IP that you get assigned by a provider, that is publicly known and gets routed to your server.

If you run a curl to a public server to figure out your IP, you will always get your official public IP back, never a local private one.

Even if you just want to use the private IP in your local network, you still need to configure your local (DSL-)router to know about it, so packets to the local IP can be routed accordingly.

3

Ah, for some reason I’d thought docker was already communicating with the router when it “publishes” a port.
I tried setting a static there in my router with these settings
the default from ip route that the subnet was set to 172.21.0.1 and the destination 172.21.128.2

image
image1809×561 107 KB

I still cannot ping 172.21.128.2 from my phone. I tried the default gateway of the host thinking that might be it, but that didn’t work either.

4

Are you trying to forward traffic to the container ip?!

Bridge networks in Docker have a private ip and are natted, they are not supposed to be routed.
That’s why we publish container ports to host ports, and access the container using the host-ip and published host-port.

5

Ope, sounds like I shouldn’t be doing what I was trying to, thanks for the heads up :skull_and_crossbones: