Networking issues with Windows Docker containers

cosmosaws · April 14, 2017, 9:57pm

Expected behavior

After starting a docker container on Windows 2016, expected network connectivity from inside the Docker container.

Actual behavior

No network connectivity from within the Docker container. eg. “ping google.com” and “ping 8.8.8.8” timed out.

Information

OS: Windows Server 2016 Standard

 > docker version

Client:
 Version:      17.03.1-ee-3
 API version:  1.27
 Go version:   go1.7.5
 Git commit:   3fcee33
 Built:        Thu Mar 30 19:31:22 2017
 OS/Arch:      windows/amd64

Server:
 Version:      17.03.1-ee-3
 API version:  1.27 (minimum version 1.24)
 Go version:   go1.7.5
 Git commit:   3fcee33
 Built:        Thu Mar 30 19:31:22 2017
 OS/Arch:      windows/amd64
 Experimental: false

 > docker info
Containers: 2
 Running: 1
 Paused: 0
 Stopped: 1
Images: 15
Server Version: 17.03.1-ee-3
Storage Driver: windowsfilter
 Windows:
Logging Driver: json-file
Plugins:
 Volume: local
 Network: l2bridge l2tunnel nat null overlay transparent
Swarm: inactive
Default Isolation: process
Kernel Version: 10.0 14393 (14393.693.amd64fre.rs1_release.161220-1747)
Operating System: Windows Server 2016 Standard
OSType: windows
Architecture: x86_64
CPUs: 8
Total Memory: 31.96 GiB
Name: dm-bm-win2016-1
ID: YJZ5:RFM3:UEGI:B2YG:VSAJ:YVLE:ULVI:YVQO:HCXV:ZVH6:W353:7KJW
Docker Root Dir: C:\ProgramData\docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

 > docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
a24abce6fc4d        nat                 nat                 local
2a89a18476aa        none                null                local

When I do a “docker inspect” of the running container I get this (I’ve hidden some values just to be safe)

docker inspect <container_id>
…..
       "NetworkSettings": {
           "Bridge": "",
           "SandboxID": "7eb95515b541f14080b7f95f802c46e94cb93edd812d124145375070d83d5631",
           "HairpinMode": false,
           "LinkLocalIPv6Address": "",
           "LinkLocalIPv6PrefixLen": 0,
           "Ports": {},
           "SandboxKey": "<HIDDEN>",
           "SecondaryIPAddresses": null,
           "SecondaryIPv6Addresses": null,
           "EndpointID": "",
           "Gateway": "",
           "GlobalIPv6Address": "",
           "GlobalIPv6PrefixLen": 0,
           "IPAddress": "",
           "IPPrefixLen": 0,
           "IPv6Gateway": "",
           "MacAddress": "",
           "Networks": {
               "nat": {
                   "IPAMConfig": null,
                   "Links": null,
                   "Aliases": null,
                   "NetworkID": "<HIDDEN>",
                   "EndpointID": "<HIDDEN>",
                   "Gateway": "172.17.48.1",
                   "IPAddress": "172.17.48.24",
                   "IPPrefixLen": 16,
                   "IPv6Gateway": "",
                   "GlobalIPv6Address": "",
                   "GlobalIPv6PrefixLen": 0,
                   "MacAddress": "<HIDDEN>"
               }
           }

Steps to reproduce the behavior

On Windows 2016, install Windows Docker.

Install-Module -Name DockerMsftProvider -Force
Install-Package -Name docker -ProviderName DockerMsftProvider -Force
Restart-Computer -Force

Pull Windows Server core

docker pull microsoft/windowsservercore

Start Windows Docker container

docker run -it microsoft/windowsservercore powershell
OR
docker run -it --network=nat microsoft/windowsservercore powershell

Inside the container:

ping google.com — TIME OUT
ping 8.8.8.8 ---- TIME OUT

friism · April 14, 2017, 11:51pm

Can you try these debug tools?

cosmosaws · April 17, 2017, 8:45pm

Hi Michael,
Thanks for the suggestions. I’ve tried both scripts, but haven’t figured out the cause of my issues.

Debug-Container-Host - all the tests appeared to pass. The only error that it seemed to have was this:
“Get-Content : Cannot find path ‘C:\Users\Administrator\AppData\Local\Docker\log.txt’ because it does not exist.”

CleanupContainerHostNetworking - I ran with no options, and then reran with “-ForceCleanup” parameter. The log collection took place, but I’m still encountereing the same network problem inside the Docker container.

Is there a way for me to attach the logs for you to look over?

Thanks.

cosmosaws · April 18, 2017, 4:35pm

@friism Should I send/upload my debug logs to you so you can help look them over? Thanks!

cosmosaws · April 19, 2017, 12:04am

As I’ve tested the outbound “ping” from inside the Windows Docker container, what I’ve discovered is that the outbound network connectivity is erratic. i.e. I login to the container using Powershell and issue a “ping google.com” repeatedly. For awhile the ping will fail for several times but then mysteriously start working for awhile for a few tries, and then fail again for a few tries…

I haven’t found a consistent pattern to explain the cause of the failure. Any suggestions on how to troubleshoot this would be greatly appreciated.

asarafian · April 21, 2017, 1:08pm

I’ve got the exact problem and I had raised the issue in stackoverflow

Currently, the issue got resolved by itself and I’m not really sure what fixed it. I’m deliberately keep the same version, to see if it will happen again.

rorpage · August 4, 2017, 1:41pm

I’m having the same issue, and I’m on Windows 10 1703 (OS Build 15063.483). Which version are you on?

asarafian · August 7, 2017, 12:01pm

I’m currently with Microsoft Windows [Version 10.0.15063]. Hasn’t happened for a while but full disclaimer I don’t use much containers. Two things are possibly different from when I raised the issue and could have resulted to a fix

I’m updating docker regularly with each pre-release version
I’m updating windows on a weekly basis

Keep in mind that when docker installs, e.g. new pre-release version, the problem gets fixed

rorpage · August 7, 2017, 12:04pm

I figured out that my issues were due to some network adapters being disabled on my laptop (namely, ones used by Hyper-V). I’m all set now.

asarafian · August 8, 2017, 7:16am

Can you elaborate more @rorpage because I had the same suspicions. It felt that somehow this went wrong when a heavy (long building) windows image was building and 2-3 hyper-v were active while building vagrant boxes.

tatornator12 · September 1, 2017, 11:51am

I hate to revive an old thread, but I seem to be facing the same issues but with Linux based containers on Docker for Windows. The containers have network connectivity within the docker network I have created, but when I ping them from outside the containers, I get a “Destination net unreachable.” I also noticed that I cannot connect to the containers through the public IP address, only with localhost. I ran Fiddler and received this error:

DNS Lookup for "11833823f4bd" failed. System.Net.Sockets.SocketException No such host is known

I should note that I’m not on the latest build of Windows (unable to with my work laptop). Does in fact the Windows 10 Creator Update fix this issue?

Thanks!

Topic		Replies	Views
Temporary no network connectivity just after windows container was created Docker Desktop	0	559	November 2, 2020
Docker for windows: pinging container from host Docker Desktop windows	2	4576	September 12, 2019
Network issue on Windows Server 2016 TP4 - The network is not present or not started General docker	0	1562	February 18, 2016
Docker Swarm Containers are not having external/Outbound connectivity in Windows server 2022 Docker Desktop swarm , windows-container , windows	3	548	April 2, 2024
Restarting Docker service in Swarm mode causes network interruption? Windows Server 2016	0	1117	December 8, 2018

Networking issues with Windows Docker containers

Expected behavior

Actual behavior

Information

Steps to reproduce the behavior

Related topics