I am running custom Yocto distribution and we have a docker container running on it. Inside the docker there is an app that is servicing certain IP port. We are using -p HOST_PORT:DOCKER_PORT to port forward the traffic. With kernel 5.10.25 all works fine. After an update to kernel 5.10.35 this no longer works and we are getting “No route to host” message. Comparing kernel config it all looks the same. If we use “–net host” option it is working fine, but would prefer to stay with -p option.
There is no firewall on this system at all.

Once docker is running I use netstat and:
netstat -ano -p tcp | grep PORT_NUM
tcp6 0 0 ::PORT_NUM :::* LISTEN 51968/docker-proxy off (0.00/0/0)

Yes I can see it says tcp6 but that is OK. It is listening on both tcp6 and 4 because:
sysctl net.ipv6.bindv6only
net.ipv6.bindv6only = 0

So it obviously did connect the docker-proxy but am not sure why the traffic is not getting from the proxy to the app inside the container.