Err_address_unreachable

General
1

Hi guys,

I’m new to using Docker.

I create an Ubuntu server on my local network for studies, install Docker on this server, and use a Docker Compose file to run a Sonatype Nexus Repository Community Edition container.

docker-compose.yml

services:
  sonatype-nexus3:
    image: sonatype/nexus3:latest
    restart: always
    privileged: true
    ports:
      - 0.0.0.0:30000:8081
    healthcheck:
      test: ["CMD", "curl", "-f", "-s", "http://localhost:8081/service/rest/v1/status/writable"]
      interval: 1s
      timeout: 5s
      retries: 10
      start_period: 60s
    volumes:
      - ./data:/nexus-data

docker ps

CONTAINER ID   IMAGE                              COMMAND                  CREATED          STATUS                        PORTS                                                                                      NAMES
2b63c8a484f7   sonatype/nexus3:latest             "/opt/sonatype/nexus…"   35 minutes ago   Up About a minute (healthy)   0.0.0.0:30000->8081/tcp                                                                    sonatype-sonatype-nexus3-1

Access the container on ubuntu:

Screenshot from 2025-03-15 11-52-01
Screenshot from 2025-03-15 11-52-011920×1080 113 KB

Access the container on the other machine

This site can’t be reached

http://192.168.0.201:30000/ is unreachable.

ERR_ADDRESS_UNREACHABLE

Another container (works fine)

docker ps
CONTAINER ID   IMAGE                              COMMAND                  CREATED        STATUS                PORTS                                                                                      NAMES
930f7e030817   postgres:latest                    "docker-entrypoint.s…"   10 days ago    Up 2 days (healthy)   0.0.0.0:5432->5432/tcp, [::]:5432->5432/tcp                                                postgres-postgres-1

docker-compose.yml
services:
  postgres:
    image: postgres:latest
    restart: always
    ports:
      - 5432:5432      
    healthcheck:
      test: ["CMD-SHELL", "pg_isready"]
      interval: 1s
      timeout: 5s
      retries: 10
      start_period: 60s
    environment:
      PGUSER: postgres
      POSTGRES_USER: postgres
      POSTGRES_DB: postgres
      POSTGRES_PASSWORD_FILE: /run/secrets/db_password
    secrets:
      - db_password      
    volumes:
      - ./data:/var/lib/postgresql/data
      - ./scripts:/docker-entrypoint-initdb.d

secrets:
   db_password:
     file: ./POSTGRES_PASSWORD

Ubuntu server firewall:

sudo ufw status
Status: inactive

Ubuntu netstat

netstat -tulnp | grep 30000
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 0.0.0.0:30000           0.0.0.0:*               LISTEN      -

Other machine in the same network

ping 192.168.0.201
PING 192.168.0.201 (192.168.0.201): 56 data bytes
64 bytes from 192.168.0.201: icmp_seq=0 ttl=64 time=62.250 ms
64 bytes from 192.168.0.201: icmp_seq=1 ttl=64 time=5.392 ms
64 bytes from 192.168.0.201: icmp_seq=2 ttl=64 time=91.923 ms
64 bytes from 192.168.0.201: icmp_seq=3 ttl=64 time=9.409 ms
64 bytes from 192.168.0.201: icmp_seq=4 ttl=64 time=6.420 ms
64 bytes from 192.168.0.201: icmp_seq=5 ttl=64 time=56.084 ms
64 bytes from 192.168.0.201: icmp_seq=6 ttl=64 time=18.022 ms
64 bytes from 192.168.0.201: icmp_seq=7 ttl=64 time=92.921 ms
64 bytes from 192.168.0.201: icmp_seq=8 ttl=64 time=7.174 ms
64 bytes from 192.168.0.201: icmp_seq=9 ttl=64 time=8.809 ms
64 bytes from 192.168.0.201: icmp_seq=10 ttl=64 time=99.095 ms
64 bytes from 192.168.0.201: icmp_seq=11 ttl=64 time=72.728 ms

nc -vnzu 192.168.0.201 30000
Connection to 192.168.0.201 port 30000 [udp/*] succeeded!

Any advice or recommendation to solve this problem?
It’s a Docker or Ubuntu issue?

Thanks in advance for your help.

2

Just by looking at the two compose files, the difference is priviliged and 0.0.0.0, try removing both.

    privileged: true
    ports:
      - 0.0.0.0:30000:8081

(Not sure if that helps, though)

3

I made the changes you suggest @bluepuma77, but I get the same results

4

I’m confused. First you showed that you could access the container locally using the IP and that it didn’t work remotely, but then you say another container works fine and just list the running containers without trying to access it remotely. Or have you tried that with success?

One idea that I can think of is that somehow higher ports are not allowed by your router or anything between the service and your remote machine. You can try port 8081 as source as well.

Since the error is “unreachable”, that indicates the request cannot even get to your machine. Note that ping sends ICMP packages and that is firewalled separately from other packages. Sometimes only icmp packages are rejected or only those are allowed.

Since you try to access a website, try it with TCP, not UDP. I realized you probably did UDP on purpose. So it means udp is allowed, but TCP is rejected by something. I think is probably not something on the machine where Docker is running

5

Hi @rimelek, thanks for your reply.

Yes, I successfully access the second container from a remote machine.

I tried to use 8081, but I get the same results.

First, as I said, the firewalls are disabled on the container host. But I made the test for the TCP protocol

nc -vnz 192.168.0.201 30000
Connection to 192.168.0.201 port 30000 [tcp/*] succeeded!

6

And I was writing about routers. You can try tshark or similar software to check what packages arrive to the server. If you need command ideas, I usually recommend the nicolaka/netshoot mage description even if you don’t want to use the image just the commands.

You can also try a simple python-based http server without containers to check if that makes any difference.

python3 -m http.server 30000

Just stop the container before that or use another port thaty ou know didn’t work.