Docker Community Forums


Docker WireGuard No Listener On Host

Intent:
I am attempting to use a Docker container to host a WireGuard server to provide remote clients access to my home network. I am already running DDClient in a docker container to allow connections to my home server via domain name with port forwarding at the router.

When using the following docker-compose I am unable to pass traffic to a WireGuard server container running on my home server.

Note: Identifying information changed in the following docker-compose

version: "2.1"
services:
  wireguard:
    image: linuxserver/wireguard
    container_name: wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/Detroit
      - SERVERURL=connect.mydomain.net
      - SERVERPORT=51820
      - PEERS=5
      - PEERDNS=1.1.1.1
      - INTERNAL_SUBNET=10.13.13.0
    volumes:
      - /docker-static/black-wireguard/config:/config
      - /lib/modules:/lib/modules
    ports:
      - 51820:51820/udp
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    restart: unless-stopped

The docker container is successfully deployed and runs. When attempting to connect clients using the config files generated by the container, the client shows connection and shows TX packets but no RX packets at the client. When attempting to troubleshoot, I noticed the Docker host has no 51820 listening port. No matter how I change the docker-compose file, no listening port is ever registered on the host. I am assuming at this point that this is the issue as to why my container is not responding back to the clients. Any assistance in troubleshooting or configuration would be very much appreciated.

Results of:

$ sudo lsof -i -P -n | grep LISTEN

dockerd 24584 root 27u IPv6 183032 0t0 TCP *:2377 (LISTEN)
dockerd 24584 root 33u IPv6 182119 0t0 TCP *:7946 (LISTEN)
docker-pr 1914448 root 4u IPv4 523243 0t0 TCP serverip:443 (LISTEN)
docker-pr 1914461 root 4u IPv4 522141 0t0 TCP serverip:80 (LISTEN)
docker-pr 1914487 root 4u IPv4 525865 0t0 TCP serverip:53 (LISTEN)
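
Added example, not part of the original post: UDP sockets have no LISTEN state, so `lsof -i -P -n | grep LISTEN` only ever shows TCP, and a published UDP port such as 51820/udp has to be looked for as a bound UDP socket instead. The sample input, its addresses and PIDs, and the function names `list_bound` and `port_bound` are constructed for illustration.

```shell
#!/usr/bin/env bash
# Constructed sample of `lsof -i -P -n` output (not captured from the poster's host).
# The UDP line is invented to show what a bound 51820/udp socket looks like.
SAMPLE_LSOF='COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
dockerd 24584 root 27u IPv6 183032 0t0 TCP *:2377 (LISTEN)
docker-pr 1914448 root 4u IPv4 523243 0t0 TCP 192.0.2.10:443 (LISTEN)
docker-pr 1914500 root 4u IPv4 526001 0t0 UDP *:51820
sshd 1200 root 3u IPv4 20000 0t0 TCP 192.0.2.10:22->192.0.2.50:50514 (ESTABLISHED)'

# list_bound: read `lsof -i -P -n` output on stdin and print "proto port command"
# for every TCP socket in LISTEN and every unconnected UDP socket.
list_bound() {
  awk '
    NR == 1 && $1 == "COMMAND" { next }        # skip the header row
    {
      proto = $8; name = $9; state = $10
      if (proto != "TCP" && proto != "UDP") next
      if (name ~ /->/) next                    # connected socket, not a listener
      if (proto == "TCP" && state != "(LISTEN)") next
      n = split(name, parts, ":")              # port follows the last colon (works for IPv6)
      print tolower(proto), parts[n], $1
    }'
}

# port_bound PROTO PORT: exit 0 if stdin shows a bound socket for PROTO/PORT.
port_bound() {
  list_bound | awk -v p="$1" -v port="$2" \
    '$1 == p && $2 == port { found = 1 } END { exit !found }'
}

# Stand-alone demonstration on the constructed sample.
# On a real host: sudo lsof -i -P -n | port_bound udp 51820 && echo "51820/udp is bound"
printf '%s\n' "$SAMPLE_LSOF" | list_bound
```

Piping the same input through `grep LISTEN` first removes the UDP line before `port_bound` sees it, which is why a LISTEN filter cannot confirm or rule out a UDP port mapping.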