I am running a Docker host with Server 2016. I have a service inside of the container which sends UDP traffic on port 1234 and listens for a response on 1234. I am using a transparent Docker network.
My problem is that the service in the container never receives the response, even though I can verify an outgoing and incoming UDP message at port 1234 with Wireshark.
To create the docker network I issued this command:
docker network create -d transparent --subnet=192.168.1.0/24 --gateway=192.168.1.1 TransparentNet3
This created a transparent network with an IP of 192.168.1.115.
I executed docker run like so…
docker run --name acm_instance_rev20_x -i -t -p 135:135 -p 1433:1433 -p 5330:5330 -p 5331:5331 -p 5332:5332 -p 5333:5333 -p 5334:5334 -p 5335:5335 acm_instance_rev20_image cmd
When I trigger the service in the container to poll the network endpoint via UDP (IP of 192.168.105.40), I see a message go to the endpoint via Wireshark:
208 6.401078 192.168.1.115 192.168.105.40 UDP 90 23264 → 1234 Len=48
And I see the endpoint respond via Wireshark to the transparent network IP (192.168.1.115):
238 7.522921 192.168.105.40 192.168.1.115 UDP 89 1234 → 1234 Len=47
However, the service in the container never receives the response message.
If I send a TCP message then the service in the container receives the response traffic. Example…
TCP message going from transparent network IP 192.168.1.115 to endpoint at 192.168.4.43:
894 9.227289 192.168.1.115 192.168.4.43 TCP 62 46580 → 5110 [PSH, ACK] Seq=1 Ack=1 Win=262656 Len=8
TCP message response coming back from endpoint at 192.168.4.43 to transparent network IP 192.168.1.115:
914 9.671135 192.168.4.43 192.168.1.115 TCP 70 5110 → 46580 [PSH, ACK] Seq=1 Ack=9 Win=5840 Len=16
Again, I am using Server 2016 so this fails:
PS C:\Users\Public\Downloads> docker run --name acm_instance_rev20_x -i -t -p 135:135 -p 1433:1433 -p 5330:5330 -p 5331:5331 -p 5332:5332 -p 5333:5333 -p 5334:5334 -p 5335:5335 -p 127.0.0.1:1234:1234/udp acm_instance_rev20_image cmd
C:\Program Files\Docker\docker.exe: Error response from daemon: failed to create endpoint acm_instance_rev20_x on network nat: Windows does not support host IP addresses in NAT settings.
If I do this, then 1234 gets blocked and Wireshark shows UDP going out but not coming in:
docker run --name acm_instance_rev20_x -i -t -p 135:135 -p 1433:1433 -p 5330:5330 -p 5331:5331 -p 5332:5332 -p 5333:5333 -p 5334:5334 -p 5335:5335 -p 1234:1234/udp acm_instance_rev20_image cmd
I would appreciate any help. I’m learning Docker and the fine points of networking at the same time. I think that UDP is blocking itself at some level before it reaches the container, but I am not sure how to resolve it.