Docker Community Forums

Share and learn in the Docker community.

Help with Docker network settings / iptables NAT

(Vitaly Pronkin) #1

This is probably not exactly a Docker question, but I don’t have enough experience with its network settings and iptables to determine where to ask.

I have a server running inside a docker container, listening on UDP port, let’s say 1234. This port is exposed in Dockerfile.

Also, I have an external server helping with NAT traversal, basically, just sending addresses of the registered server and a client to each other, and allowing to connect to a server by the name it supplied during registration.

Now, if I run my container with -P option, my port is getting published as some random port, e.g. 32774. But on the helper server I see my server connected to it from port 1234, and so it can’t send a correct address to a client. And a client can’t connect at all.

If I run my container explicitly publishing my server on the same port with -p 1234:1234/udp, a client can connect to the server directly. But now on the helper server I see my server connected to it from port 1236, and again it can’t send the correct port to a client.

How can this be resolved? My aim is to require as little additional configuration as possible from people who will use my docker image. And I’d like to be able to use randomised port numbers to be able to run several server containers, so I must be able to connect via my helper server.

(Vitaly Pronkin) #2

So, I need either to know my external port number from inside the container to send it to the discovery server, which, as I understand, not possible at the moment, right? Or I need to make outgoing connections from the container and my port to use the same external port as configured for incoming connections - is that possible?