Docker's container with --net=host is not reachable from the network

mkaiiali · October 12, 2018, 6:49pm

I am working on a project hosted on Docker for Windows using the following configuration:
Host (PC1) Physical IP: 145.118.70.40 on LAN
Host Virtual IP: 10.0.75.1 on DockerNAT

I got the following issue:
A container X (docker run --name X -it --net=host webserver 8080) is able to access the host using the domain name host.docker.internal. If X pings this domain name, it gets the reply from 192.168.65.2. However, in the host, there is no such network! The host cannot even ping X using any of this IP range. X is accessible from the host using DockerNAT network and particularly by IP: 10.0.75.2. It seems there is a bridge or NAT rule that maps 192.168.65.0 to 10.0.75.0. Using this bridge, X can access the host (via 192.168.65.2) and host can access X (via 10.0.75.2). So far no issue. The issue appears when we try to access X from another physical machine (PC2) whose IP= 145.118.70.41 on the host’s LAN. A link such as http://145.118.70.40:8080 is supposed to work on PC2, but it does not. If there is another container Y (docker run -it -p 7000:8080 webserver 8080) running on the same host (PC1) along with X (notice that there is no –net=host option used for Y), Y is accessible from PC2 using http://145.118.70.40:7000. My question is: How to make X also accessible from PC2 using the host’s IP address (just like Y) while keeping the –net=host option?

Thank you.

jjfraney · October 13, 2018, 1:43pm

I know something about Dockers network architecture, but not much about how it’s implemented inside docke for Windows.

Docker for Windows is running a Linux vm…two distinct hosts from networking perspective. The ‘host’ network in the Linux vm does not extend to the Windows host. My guess.

My guess is the docker for Windows environment links the default docker bridge network of the linux vm to the host’s external network. Magic, somehow. This explains why port binding in container Y can work.

I don’t expect using host network in a linux vm in docker for Windows would work the way you expect. Host network works on a Linux host, but not as configure to run for docker for Windows.

I admit this is a guess, an informed guess, and requires confirmation by a bit more research or by someone with more knowledge than I.

mkaiiali · October 16, 2018, 4:51pm

Thank you for your reply.
I got the support answer. As you said, (–net=host) is not fully supported by Docker for Windows.
Regards