Q: why can't I access the containers in bridge network from LAN?

I’ve run some containers on my OpenWrt device, but I found that I can not access the containers runs in bridge network from my LAN PC.

image
as the pic shows, the 172.31.0.4 provides a web service.
the container’s status is fine and I can access to it from the OpenWrt device(have no GUI so I use curl 127.0.0.1:5700).

while I tried to access to it from other LAN PC(just type ‘openwrt-ip:5700’ in the browser), it will fail.

Not sure where is the problem…

Container Ips in bridge networks are not routed.
You already publish container port 5700 as host port 5700, which allows you to access port 5700 of the container using open-wrt-ip:5700.

If you try to access a container by its ip, you high likely try to do something that is not mend to be used like that.

yes, I just use this IP and port to try to access the service but failed.
Then I tried curl from the openwrt itself and found that I can access the service from the OpenWrt.

So I’m not sure if it’s a firewall preventing access from LAN

I understand “this IP” refers to the lan ip of the open-wrt router and “port” refers to the published port.
Indeed this should work, if the docker distribution in open-wrt is compliant to vanilla docker and all required kernel modules are available.

You can check if all required kernel modules exist using this script: https://raw.githubusercontent.com/moby/moby/master/contrib/check-config.sh .

Furthermore, you might want to ask this question in an openwrt forum, as chances are magnitudes higher that openwrt users that use docker on it know what causes the issue and know the problem, than in a docker forum where almost no user uses docker on openwrt.

yes, exatcly I use the openwrt-ip:published port to access the service.

And thanks for the advertise suggest, I’ll try to query this problem in some other openwrt forum.