Docker Community Forums

Share and learn in the Docker community.

Failure on UDP message reception (Container -> Host)


(dmmatos) #1

Hello,

Topic introduction

I just start working with Docker, few days ago and I am not an experienced guy in networking.
I am trying to place a C application inside the container and interact with the same via UDP.

In general, this application receives some UDP messages and reply to the same messages via UDP.

  • -> Input channel: Receive a UDP message, on a specific IP1/Port
  • -> Output channels: Send a UDP messages, to a specific IP2/Port
    (note: due to a design decision, the IP2 is in a different network from IP1, for example, IP1: 172.17.0.2/57000 and IP2: 239.192.0.1/57005).

I would like to request your support to help me, to understand, if what I am trying to do is feasible, in Docker, and if so, to help me to find out, what I am doing wrong.

This application is working, in its development environment (I mean in Linux).
The issue is, when is running in a Docker container.

So far, I am using Bridge network
With Bridge network, I am able to send messages to container, but I am not able to receive from the container.

Issue type
Docker Networking
Host to Container communication: Ok;
Container to Host communication: Not ok (but with Wireshark, I see the UDP messages, sent from container in docker0 interface);
Here a I have doubt, am I able to receive UDP messages sent from a container in eth0 interface, therefore accessible in Linux OS?

OS Version/build

CentOS Linux release 7.2.1511 (Core)

App version
Below, I am sharing, my current settings.
Kindly, let me know, if you see something missing or not correct.

Docker version

Client:
Version: 17.09.1-ce
API version: 1.32
Go version: go1.8.3
Git commit: 19e2cf6
Built: Thu Dec 7 22:23:40 2017
OS/Arch: linux/amd64

Server:
Version: 17.09.1-ce
API version: 1.32 (minimum version 1.12)
Go version: go1.8.3
Git commit: 19e2cf6
Built: Thu Dec 7 22:25:03 2017
OS/Arch: linux/amd64
Experimental: false

** Steps to reproduce**

Docker file:

FROM centos:7
RUN yum install -y iproute
EXPOSE 57000
COPY . /bin
WORKDIR /bin
CMD ["./udpParser"]

Docker Network:

NETWORK ID NAME DRIVER SCOPE
a366ac31faec bridge bridge local
cb5fe1a4e128 host host local
d56217f3212d none null local

Network bridge

~ 1007 > docker network inspect bridge
[
{
“Name”: “bridge”,
“Id”: “a366ac31faec976c913623a3aadc4b23c1b67e0407eca32c43201c18a43904d6”,
“Created”: “2018-03-01T22:59:39.142364208Z”,
“Scope”: “local”,
“Driver”: “bridge”,
“EnableIPv6”: false,
“IPAM”: {
“Driver”: “default”,
“Options”: null,
“Config”: [
{
“Subnet”: “172.17.0.0/16”,
“Gateway”: “172.17.0.1”
}
]
},
“Internal”: false,
“Attachable”: false,
“Ingress”: false,
“ConfigFrom”: {
“Network”: “”
},
“ConfigOnly”: false,
“Containers”: {
“bd18ee84db6de4f69cdc0046753b2b3046c50889b522d86efd660bb0cd28cc63”: {
“Name”: “container1”,
“EndpointID”: “a327cac7ce043be26806509eaddbb04f9f757f3d62d66902a3703c3006eb6595”,
“MacAddress”: “02:42:ac:11:00:02”,
“IPv4Address”: “172.17.0.2/16”,
“IPv6Address”: “”
}
},
“Options”: {
“com.docker.network.bridge.default_bridge”: “true”,
“com.docker.network.bridge.enable_icc”: “true”,
“com.docker.network.bridge.enable_ip_masquerade”: “true”,
“com.docker.network.bridge.host_binding_ipv4”: “0.0.0.0”,
“com.docker.network.bridge.name”: “docker0”,
“com.docker.network.driver.mtu”: “1500”
},
“Labels”: {}
}
]

Inside the container:

sh-4.2# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination

sh-4.2# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
7: eth0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 scope global eth0
valid_lft forever preferred_lft forever

Let me know your thoughts.
Thanks in advance.