Docker Community Forums

Share and learn in the Docker community.

Network : Lost Host IP

docker

(Fwehrle) #1

Hi,

I’m a beginner with docker and have install it on synology (via synology package).
I have a container with nginx server launched in bridge mode with some ports open.
All was working fine since yesterday. I don’t know why, but my container can’t access (ping, url, etc…) host ip any more.
Maybe a problem with the Docker0 interface? But I’m a dummy with interfaces.
Could someone help me to make it working lease? :confused:

Thank you.

Franck


(Andynack) #2

I am having a problem that has similar symptoms. My setup is different though. I am also new to docker so while I don’t have a solution figured out, I will share my experience to add to the conversation.

I have installed Docker 1.8.3 in Ubuntu 14.04. At first my containers seemed have a properly functioning network connection. I was able to execute an “apt-get update” from a Ubuntu container and it performed the update successfully. But after just a day or so not only will apt-get not work, but a simple “ping google.com” will also not work.

I suspect that it is an issue with the MASQUERADE rule in my iptable. “sudo iptables -L -t nat -n” gives me the following output:

Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DOCKER all – 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DOCKER all – 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all – 172.17.0.0/16 0.0.0.0/0

Chain DOCKER (2 references)
target prot opt source destination

Based on other posts I have seen I was expecting the MASQUERADE line to have the same IP address for the destination as is in the source. I am not sure about this though because I have tried uninstalling and reinstalling Docker and the following command:

sudo apt-get install bridge-utils
pkill docker
iptables -t nat -F
ifconfig docker0 down
brctl delbr docker0
sudo service docker start

and both approaches resulted in the same iptable configuration. I have also tried:

sudo docker daemon -b testbr0

and got the following result:

INFO[0000] Listening for HTTP on unix (/var/run/docker.sock)
INFO[0000] [graphdriver] using prior storage driver "aufs"
INFO[0000] Option DefaultDriver: bridge
INFO[0000] Option DefaultNetwork: bridge
INFO[0000] Firewalld running: false
FATA[0000] Error starting daemon: Error initializing network controller: Error creating default “bridge” network: bridge device with non default name testbr0 must be created manually

Based on some older post I found I expected this to create a new MASQUERADE rule.

If anybody has any ideas on what else to try please share. The next thing i am thinking about is to try to install an older version of Docker to see if I have the same problem or not.