Unable to access host's localhost from container

I am running a MySQL container with its 3306 port mapped to the host machine’s 127.0.0.1:3306.

However, I cannot access the host’s 127.0.0.1:3306 from another container via 172.17.0.1:3306. The connection only works when I map the MySQL container to 0.0.0.0:3306. But listening on 0.0.0.0 or using “--net=host” may pose security risks.

Rootless Docker provides a way to access the host’s loopback address via 10.0.2.2. Does Rootful Docker offer a similar method? Thanks!

This is already the recommended solution. That is, if this is really the IP of the docker0 network interface on your host, and MySQL on your host actually binds port 3306 on this IP.

Thank you for your answer! 🙂
After binding the MySQL container to 172.17.0.1:3306, I can indeed access it from another container using the same address. But I’d also like to know: is there a way for a container to access the host’s 127.0.0.1?

No. Containers are for isolation. You cannot access 127.0.0.1 on the host from inside a container.

I missed a crucial detail: I seem to have skipped the first line and assumed MySQL is running on the host.

Why would you want to use the published host port to access the database from another container?
The intended approach is to put the app container and database container in the same user-defined network, then use DNS-based service discovery to communicate from the app container to the database container.

The network’s internal DNS will resolve the service name (docker compose only), container name, container’s hostname, or the container’s network alias to the current container IP, so you will be able to reach the application in the target container with either one of those names and the container port of the application.

This does not work with the default bridge network.
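The bind addresses discussed in this thread (0.0.0.0, 127.0.0.1, the docker0 address 172.17.0.1, or no published port at all) decide who can reach the MySQL port. The following is an added example, not code from any post in the thread: it classifies each entry in the output of `docker ps --format '{{.Names}}\t{{.Ports}}'` by bind scope. The sample input and container names are constructed, and the default bridge subnet 172.17.0.0/16 is an assumption.

```python
import ipaddress
import re

# Assumption: docker0 uses Docker's default bridge subnet (172.17.0.1 is its gateway).
DEFAULT_BRIDGE = ipaddress.ip_network("172.17.0.0/16")

# One Ports entry: "127.0.0.1:3306->3306/tcp", "[::]:3306->3306/tcp", ":::3306->3306/tcp", "3306/tcp".
PORT_RE = re.compile(r"^(?:(?P<ip>\[[0-9a-fA-F:]+\]|::|[0-9.]+):(?P<hport>[\d-]+)->)?"
                     r"(?P<cport>[\d-]+)/(?P<proto>\w+)$")

def bind_scope(ip):
    """Classify the host address a container port is published on."""
    if ip is None:
        return "unpublished"        # reachable only over container networks
    addr = ipaddress.ip_address(ip.strip("[]"))
    if addr.is_unspecified:
        return "all-interfaces"     # 0.0.0.0 / :: listens on every host interface
    if addr.is_loopback:
        return "host-loopback"      # host only; not reachable from bridge containers
    if addr in DEFAULT_BRIDGE:
        return "docker-bridge"      # reachable from the host and default-bridge containers
    return "specific-address"

def audit(docker_ps_output):
    """Return (container, container_port, scope) for every port entry."""
    findings = []
    for line in docker_ps_output.strip().splitlines():
        name, _, ports = line.partition("\t")
        for entry in filter(None, (p.strip() for p in ports.split(","))):
            m = PORT_RE.match(entry)
            scope = bind_scope(m["ip"]) if m else "unparsed"
            port = f"{m['cport']}/{m['proto']}" if m else entry
            findings.append((name, port, scope))
    return findings

def exposed(findings):
    """Containers with at least one port published on all interfaces."""
    return sorted({name for name, _, scope in findings if scope == "all-interfaces"})

# Constructed sample input; container names are hypothetical.
SAMPLE = "\n".join([
    "mysql-a\t0.0.0.0:3306->3306/tcp, :::3306->3306/tcp",
    "mysql-b\t127.0.0.1:3306->3306/tcp, 33060/tcp",
    "mysql-c\t172.17.0.1:3306->3306/tcp",
    "mysql-d\t3306/tcp, 33060/tcp",
])

if __name__ == "__main__":
    print(*audit(SAMPLE), exposed(audit(SAMPLE)), sep="\n")
```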

The best practice is exactly as you said. But my server resources are limited, and it’s hosting several rootless user applications. Therefore, I plan to let them access the host’s 127.0.0.1:3306 so that they can share a single MySQL instance (running in a rootful Docker) and conserve resources.

In a rootless Docker, I can access the host’s 127.0.0.1 via 10.0.2.2 in a container. However, in a rootful Docker environment, it appears that unless MySQL is listening on 0.0.0.0, the service can’t be reached via the 172.17.0.1 gateway address.

Unless you want only specific containers to access the MySQL port, the docker bridge IP should be enough, but I wrote about a workaround here: