Ping local network from container

Hi !

I’m new to docker. I read a lot of site/answer about docker network but can’t get my container ping my local network.

I have an hyper-v server running a windows server VM (192.168.1.10/24) and an Ubuntu VM (ip 192.168.1.20/24).
The router and dhcp server is 192.168.1.1/24.
Docker from the ubuntu vm.

I would like a reverse proxy (nginx) container to redirect to the windows vm.

I run:

sudo docker network create -d bridge --subnet=192.168.2.0/16 --gateway=192.168.1.1 nginx-network

sudo docker run -P -it -d -p 80:80 --ip 192.168.2.20 --net=nginx-network --expose 80 -v[...] --name=nginx-proxy nginx

sudo docker run -i -t --net=nginx-network --volumes-from nginx-proxy --name=proxyaccess ubuntu /bin/bash

Neither nginx-proxy and proxyaccess container can access web or ping local network (192.168.1.10).
I tried to set the network subnet to 192.168.1.0/24 but it stop the ubuntu host network (VM ubuntu).
I tried to use --net=host without success.

I think i’m missing something.
Without the --net options, nginx setup is ok as i can get nginx home from “localhost” (-p 80:80).

Thank you very much for your help.

You will also be able to access it via the host (192.168.1.20, and whatever DNS name you’ve configured for it). This is the easiest configuration, and it is not incorrect.

Setting up a private bridge network isn’t wrong either, and if you had multiple containers running, the inter-container DNS is helpful. You’ve probably overspecified the settings a little, and there’s a mistake:

When the container tries to access the Windows server (at 192.168.1.10) it sees that it is on the 192.168.0.0/16 subnet you’ve declared and so it tries to reach it on the private Docker subnet, where it isn’t. Declaring this as a /24 would make it work. You’ll then hit the problem that the gateway you’ve specified isn’t on the Docker-internal network, so it’s not reachable.

None of the Docker-internal IP addresses matter at all. My recommendation would look roughly like:

docker network create -d bridge nginx-network
docker run -d -p80:80 --net=nginx-network -v[...] --name=nginx-proxy nginx

Don’t explicitly specify IP addresses for any of the Docker-side networking, and don’t specify --expose or -P when you run the container (-p 80:80 does the same thing).

(If you’re tempted to try to find out the internal IP address of your container: in the original setup, say you were on the Windows VM, which knows about its own 192.168.1.0/24 subnet, and you wanted to reach the nginx container. You’ve said -p so you can access it via the 192.168.1.20 Ubuntu host. What would you need to set up to reach an IP address that isn’t on 192.168.1.0/24, and isn’t on the public Internet?)

This was so simple ! feel stupid !!
Thanks for the detailled answer :slight_smile: