Docker Community Forums

Share and learn in the Docker community.

Unable to ping google.com from container

I am not able to ping google.com, container default gateway 172.21.0.1 and host machine ip from the container. Even I tried to install docker after disabling all firewall rules.
I disabled the iptables rule using command ‘iptables -F’ .
Installed the Docker Engine - Community version 19.03.9.
redhat-release is Red Hat Enterprise Linux Server release 7.9 (Maipo)

I am stuck. Please help.

Can anyone help me to come out from situation

cat /etc/resolv.conf has entries like:
nameserver 115.112.X.Y
nameserver 115.112.X.Z

Inside the container route is:
image

What is missing in the configuration.

What happens if you restart the Docker service? Does the resolv.conf on the OS match the resolv.conf on the container?

While starting docker below is the log:

May 27 13:58:00 PRAWEEN systemd: Starting Docker Socket for the API.
May 27 13:58:00 PRAWEEN systemd: Listening on Docker Socket for the API.
May 27 13:58:00 PRAWEEN systemd: Starting Docker Application Container Engine…
May 27 13:58:00 PRAWEEN dockerd: time=“2021-05-27T13:58:00.824714986Z” level=info msg=“Starting up”
May 27 13:58:00 PRAWEEN dockerd: time=“2021-05-27T13:58:00.824970427Z” level=warning msg="[!] DON’T BIND ON ANY IP ADDRESS WITHOUT setting --tlsverify IF YOU DON’T KNOW WHAT YOU’RE DOING [!]"
May 27 13:58:00 PRAWEEN dockerd: time=“2021-05-27T13:58:00.825734349Z” level=info msg=“parsed scheme: “unix”” module=grpc
May 27 13:58:00 PRAWEEN dockerd: time=“2021-05-27T13:58:00.826096311Z” level=info msg=“scheme “unix” not registered, fallback to default scheme” module=grpc
May 27 13:58:00 PRAWEEN dockerd: time=“2021-05-27T13:58:00.826125538Z” level=info msg=“ccResolverWrapper: sending update to cc: {[{unix:///run/containerd/containerd.sock 0 }] }” module=grpc
May 27 13:58:00 PRAWEEN dockerd: time=“2021-05-27T13:58:00.826137940Z” level=info msg=“ClientConn switching balancer to “pick_first”” module=grpc
May 27 13:58:00 PRAWEEN dockerd: time=“2021-05-27T13:58:00.827106933Z” level=info msg=“parsed scheme: “unix”” module=grpc
May 27 13:58:00 PRAWEEN dockerd: time=“2021-05-27T13:58:00.827122127Z” level=info msg=“scheme “unix” not registered, fallback to default scheme” module=grpc
May 27 13:58:00 PRAWEEN dockerd: time=“2021-05-27T13:58:00.827137335Z” level=info msg=“ccResolverWrapper: sending update to cc: {[{unix:///run/containerd/containerd.sock 0 }] }” module=grpc
May 27 13:58:00 PRAWEEN dockerd: time=“2021-05-27T13:58:00.827145872Z” level=info msg=“ClientConn switching balancer to “pick_first”” module=grpc
May 27 13:58:00 PRAWEEN kernel: bio: create slab at 0
May 27 13:58:00 PRAWEEN dockerd: time=“2021-05-27T13:58:00.862610751Z” level=warning msg=“Usage of loopback devices is strongly discouraged for production use. Please use --storage-opt dm.thinpooldev or use man dockerd to refer to dm.thinpooldev section.” storage-driver=devicemapper
May 27 13:58:00 PRAWEEN dockerd: time=“2021-05-27T13:58:00.873201551Z” level=warning msg=“Base device already exists and has filesystem xfs on it. User specified filesystem will be ignored.” storage-driver=devicemapper
May 27 13:58:00 PRAWEEN dockerd: time=“2021-05-27T13:58:00.875842317Z” level=info msg="[graphdriver] using prior storage driver: devicemapper"
May 27 13:58:00 PRAWEEN dockerd: time=“2021-05-27T13:58:00.875862234Z” level=warning msg="[graphdriver] WARNING: the devicemapper storage-driver is deprecated, and will be removed in a future release"
May 27 13:58:00 PRAWEEN dockerd: time=“2021-05-27T13:58:00.903393342Z” level=warning msg=“mountpoint for pids not found”
May 27 13:58:00 PRAWEEN dockerd: time=“2021-05-27T13:58:00.903605046Z” level=info msg=“Loading containers: start.”
May 27 13:58:00 PRAWEEN firewalld: 2021-05-27 13:58:00 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -C FORWARD -j DOCKER-ISOLATION’ failed: iptables v1.4.21: Couldn’t load target DOCKER-ISOLATION':No such file or directory#012#012Try iptables -h’ or ‘iptables --help’ for more information.
May 27 13:58:00 PRAWEEN firewalld: 2021-05-27 13:58:00 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t nat -D OUTPUT -m addrtype --dst-type LOCAL -j DOCKER’ failed: iptables: No chain/target/match by that name.
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t nat -D PREROUTING’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t nat -D OUTPUT’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -X DOCKER’ failed: iptables: Too many links.
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -X DOCKER-ISOLATION-STAGE-1’ failed: iptables: Too many links.
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -F DOCKER-ISOLATION’ failed: iptables: No chain/target/match by that name.
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -X DOCKER-ISOLATION’ failed: iptables: No chain/target/match by that name.
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t nat -n -L DOCKER’ failed: iptables: No chain/target/match by that name.
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -n -L DOCKER-ISOLATION-STAGE-2’ failed: iptables: No chain/target/match by that name.
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -C DOCKER-ISOLATION-STAGE-1 -j RETURN’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -C DOCKER-ISOLATION-STAGE-2 -j RETURN’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t nat -C DOCKER -i docker0 -j RETURN’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -D FORWARD -i docker0 -o docker0 -j DROP’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t nat -C PREROUTING -m addrtype --dst-type LOCAL -j DOCKER’ failed: iptables: No chain/target/match by that name.
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t nat -C OUTPUT -m addrtype --dst-type LOCAL -j DOCKER ! --dst 127.0.0.0/8’ failed: iptables: No chain/target/match by that name.
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -C DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2’ failed: iptables: No chain/target/match by that name.
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -C DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t nat -C DOCKER -i br-9ab832f831ec -j RETURN’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -D FORWARD -i br-9ab832f831ec -o br-9ab832f831ec -j DROP’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -C DOCKER-ISOLATION-STAGE-1 -i br-9ab832f831ec ! -o br-9ab832f831ec -j DOCKER-ISOLATION-STAGE-2’ failed: iptables: No chain/target/match by that name.
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -C DOCKER-ISOLATION-STAGE-2 -o br-9ab832f831ec -j DROP’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t nat -C DOCKER -i br-e188739c006a -j RETURN’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -D FORWARD -i br-e188739c006a -o br-e188739c006a -j DROP’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -C DOCKER-ISOLATION-STAGE-1 -i br-e188739c006a ! -o br-e188739c006a -j DOCKER-ISOLATION-STAGE-2’ failed: iptables: No chain/target/match by that name.
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -C DOCKER-ISOLATION-STAGE-2 -o br-e188739c006a -j DROP’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN dockerd: time=“2021-05-27T13:58:01.475120642Z” level=info msg=“Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used to set a preferred IP address”
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t nat -C POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE’ failed: iptables: No chain/target/match by that name.
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t nat -C DOCKER -i docker0 -j RETURN’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -D FORWARD -i docker0 -o docker0 -j DROP’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -C FORWARD -i docker0 -o docker0 -j ACCEPT’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -C FORWARD -i docker0 ! -o docker0 -j ACCEPT’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -C FORWARD -o docker0 -j DOCKER’ failed: iptables: No chain/target/match by that name.
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -C FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT’ failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -C DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2’ failed: iptables: No chain/target/match by that name.
May 27 13:58:01 PRAWEEN firewalld: 2021-05-27 13:58:01 ERROR: COMMAND_FAILED: ‘/sbin/iptables -t filter -C DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP’ failed: iptables: Bad rule (does a matching rule exist in that chain?).