At my office's network I started getting this issue with internet access in docker last week. Here's what happens:
➜ docker run busybox nslookup google.com
;; connection timed out; no servers could be reached
➜ nslookup google.com
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
Name: google.com
Address: 216.58.207.238
Name: google.com
Address: 2a00:1450:400f:80c::200e
➜ docker run busybox cat /etc/resolv.conf
# Generated by resolvconf
nameserver 8.8.8.8
nameserver 1.1.1.1
options edns0
➜ cat /etc/resolv.conf
# Generated by resolvconf
nameserver 8.8.8.8
nameserver 1.1.1.1
options edns0
➜ docker run busybox route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 172.17.0.1 0.0.0.0 UG 0 0 0 eth0
172.17.0.0 * 255.255.0.0 U 0 0 0 eth0
➜ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default _gateway 0.0.0.0 UG 3003 0 0 wlp59s0
10.180.91.0 0.0.0.0 255.255.255.0 U 3003 0 0 wlp59s0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
192.168.56.0 0.0.0.0 255.255.255.0 U 0 0 0 vboxnet0
➜ ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:72ff:fe03:3615 prefixlen 64 scopeid 0x20<link>
ether 02:42:72:03:36:15 txqueuelen 0 (Ethernet)
RX packets 32 bytes 1696 (1.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 91 bytes 11764 (11.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 116 bytes 13670 (13.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 116 bytes 13670 (13.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vboxnet0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.56.1 netmask 255.255.255.0 broadcast 0.0.0.0
ether 0a:00:27:00:00:00 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlp59s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.180.91.211 netmask 255.255.255.0 broadcast 10.180.91.255
inet6 fe80::bae8:a31d:41ba:b1b7 prefixlen 64 scopeid 0x20<link>
inet6 fe80::aa6d:aaff:fe2b:98a prefixlen 64 scopeid 0x20<link>
ether a8:6d:aa:2b:09:8a txqueuelen 1000 (Ethernet)
RX packets 64726 bytes 71990806 (68.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 21695 bytes 7359838 (7.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
➜ docker run busybox ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:200 (200.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
➜ docker network ls
NETWORK ID NAME DRIVER SCOPE
7596438b2c25 bridge bridge local
617a6542f360 host host local
2575c2c192a9 none null local
➜ docker run --network host busybox nslookup google.com
Server: 8.8.8.8
Address: 8.8.8.8:53
Non-authoritative answer:
Name: google.com
Address: 216.58.207.238
Non-authoritative answer:
Name: google.com
Address: 2a00:1450:400f:80c::200e
➜ docker run --network bridge busybox nslookup google.com
;; connection timed out; no servers could be reached
If I instead of using the office wifi use the hotspot through my phone, then I don't have this issue. However, no one else in the office has this issue. What can I do to debug this further?
Related
I need to use gdbserver in a docker container.
As the use of gdb in the host is scripted I need to set a static IP for my container.
The output of ifconfig is :
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 ****::**:****:****:**** prefixlen 64 scopeid 0x20<link>
ether **:**:**:**:**:** txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 60 bytes 8931 (8.9 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
I have tried :
docker run --name "myContainerName" --ip 172.17.0.124 --rm -it -p 7777:7777 myImgae /bin/bash
But inside the docker I get the output of ifconfig :
eth0 Link encap:Ethernet HWaddr ***:**:**:**:**:**
inet addr:172.17.0.2 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:16 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2282 (2.2 KiB) TX bytes:0 (0.0 B)
The IP of my container is 172.17.0.2 and not 172.17.0.124 as I want
So I am wondering how the ip option works with the default subnet (docker0)
As suggested by an answer,
I found a workaround using "localhost" for my debuggind session instead of a specific ip address
I use docker-compose to operate with 3 containers and a network with the bridge driver.
Network is created with following command:
docker network create -d bridge --subnet 192.168.60.0/24 --gateway 192.168.60.1 mynet
The problem is that containers are not available by their address from host machine:
curl: (7) Failed to connect to 192.168.60.3 port 80: Connection refused. I know exactly that container is running and listening on the port.
From the inside of container host machine is unavailable either: curl: (7) Failed to connect to 192.168.60.1.
There must be some trouble with driver, because the network is not listed in interfaces. I did the same thing on another machine and found all docker networks with names likevethXXXXXXX. But on this machine ifconfig -a shows:
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:98:c3:b9:63 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 41250 bytes 11892280 (11.8 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 41250 bytes 11892280 (11.8 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlp4s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.202.43 netmask 255.255.255.0 broadcast 192.168.202.255
inet6 fe80::65e5:6492:9305:2d71 prefixlen 64 scopeid 0x20<link>
ether d4:3b:04:74:5c:48 txqueuelen 1000 (Ethernet)
RX packets 693406 bytes 537178014 (537.1 MB)
RX errors 0 dropped 884 overruns 0 frame 0
TX packets 2803399 bytes 572926991 (572.9 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
What kind of problem it could be? Why the network is not shown in interfaces list?
I am trying to connect my container to a device that is on a private network. I have tried using the host network and exposing a port but when I do that I get the following warning
WARNING: Published ports are discarded when using host network mode
I then tried using the following code to and tried to ping my device network from the container but still it didn't work.
docker network create -d macvlan --driver=bridge --subnet=10.112.65.0/16 --ip-range=10.112.65.0/24 --gateway=10.112.65.1 -o parent=eth0 demo_net
docker run --name DemoTest --net=demo_net --ip=10.112.65.103 --entrypoint /bin/bash -it Demo_Test
Does anyone know how I would be able correct this?
docker run --name Demo --network=host --entrypoint /bin/bash -it test
root#docker-desktop:/# ifconfig
br-0ae4bcee0a03: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 10.112.65.1 netmask 255.255.0.0 broadcast 10.112.255.255
inet6 fe80::42:7eff:fe95:61a6 prefixlen 64 scopeid 0x20<link>
ether 02:42:7e:95:61:a6 txqueuelen 0 (Ethernet)
RX packets 80 bytes 2632 (2.6 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 22 bytes 2040 (2.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:3bff:feef:7ff6 prefixlen 64 scopeid 0x20<link>
ether 02:42:3b:ef:7f:f6 txqueuelen 0 (Ethernet)
RX packets 1003286 bytes 68950091 (68.9 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2844246 bytes 4108532649 (4.1 GB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.65.3 netmask 255.255.255.0 broadcast 192.168.65.255
inet6 fe80::50:ff:fe00:1 prefixlen 64 scopeid 0x20<link>
ether 02:50:00:00:00:01 txqueuelen 1000 (Ethernet)
RX packets 3362882 bytes 4867367901 (4.8 GB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1170907 bytes 92178571 (92.1 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 3353 bytes 1020141 (1.0 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3353 bytes 1020141 (1.0 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
services1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.65.4 netmask 255.255.255.255 broadcast 0.0.0.0
inet6 fe80::78ba:60ff:fe3c:17c prefixlen 64 scopeid 0x20<link>
ether 7a:ba:60:3c:01:7c txqueuelen 0 (Ethernet)
RX packets 454 bytes 58899 (58.8 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 456 bytes 32795 (32.7 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
root#docker-desktop:/# ping 10.112.65.3
PING 10.112.65.3 (10.112.65.3) 56(84) bytes of data.
^C
--- 10.112.65.3 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2063ms
I am trying to set up a pihole docker instance running on a macvlan on a Raspberry Pi 4B.
I am unable to ping the external internet from my container.
I've managed to reduce the problem for replication:
Create a macvlan on wlan0, which has promiscuous mode enabled.
Launch a docker container and attempt to ping the external world.
Details:
I'm running a raspberry pi 4, using the wlan0 interface. I have enabled promiscuous mode on wlan0
I create the macvlan network with docker network create -d macvlan --subnet=10.0.37.27/24 --gateway=10.0.37.1 --ip-range 10.0.37.65/29 -o parent=wlan0 --aux-address="pi4=10.0.37.69" macvlan0 - this creates a child interface called macvlan0 under wlan0. This means that containers will get assigned IP's from .65-.70
I then run a busybox container to ping my wlan0 physical IP: docker run --net=macvlan0 busybox ping 10.0.37.27. This works.
If I try to ping 1.1.1.1 or even the gateway at 10.0.37.1, it fails
I verified the routing table is correct with docker run --net=macvlan0 busybox ip route get 1.1.1.1 and I get a result 1.1.1.1 via 10.0.37.1 dev eth0 src 10.0.37.64, which is perfectly reasonable.
Analysis:
I don't understand what is going on. I'm able to ping my container from my host, and my host from my container ( I set up a macvlan-shim).
My ip route and route -n show reasonable routing tables
And yet, ping externally fails. I'm very confused.
ifconfig on the pi4
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:c5:da:e3:84 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether dc:a6:32:08:56:eb txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 483666 bytes 87269371 (87.2 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 483666 bytes 87269371 (87.2 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
macvlan-shim: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.37.69 netmask 255.255.255.248 broadcast 0.0.0.0
inet6 fe80::bcd6:6fff:fe61:4eaf prefixlen 64 scopeid 0x20<link>
ether be:d6:6f:61:4e:af txqueuelen 1000 (Ethernet)
RX packets 94178 bytes 21676941 (21.6 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 227298 bytes 9556744 (9.5 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlan0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500
inet 10.0.37.27 netmask 255.255.255.0 broadcast 10.0.37.255
inet6 fe80::dea6:32ff:fe08:56ec prefixlen 64 scopeid 0x20<link>
ether dc:a6:32:08:56:ec txqueuelen 1000 (Ethernet)
RX packets 401557 bytes 108910986 (108.9 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 719387 bytes 112456816 (112.4 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
|----------------------------------------|
| |
| |--------------------------------| |
| | | |
| | docker(CentOS) 172.18.0.2 | |
| |--------------------------------| |
| |
| Virtual Machine(CentOS) 192.168.27.143 |
|----------------------------------------|
Windows 192.168.137.123
Windows can ping Virtual Machine
Virtual Machine can ping Windows
Virtual Machine can ping docker
Docker can ping Virtual Machine
Docker can ping Windows
BUT WINDOWS CAN'T PING DOCKER(request time out)
ifconfig on Virtual Machine
[root#docker ~]# ifconfig
br-fff1cd703408: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.18.0.1 netmask 255.255.0.0 broadcast 172.18.255.255
inet6 fe80::42:7bff:fe3f:7669 prefixlen 64 scopeid 0x20<link>
ether 02:42:7b:3f:76:69 txqueuelen 0 (Ethernet)
RX packets 5 bytes 378 (378.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 18 bytes 1480 (1.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:b6:b4:25:97 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.27.143 netmask 255.255.255.0 broadcast 192.168.27.255
inet6 fe80::5634:e3d1:16db:c070 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:ee:e9:81 txqueuelen 1000 (Ethernet)
RX packets 434 bytes 41635 (40.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 289 bytes 32577 (31.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 3 bytes 312 (312.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3 bytes 312 (312.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vethdd8e4ad: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::e467:dcff:fe56:3d24 prefixlen 64 scopeid 0x20<link>
ether e6:67:dc:56:3d:24 txqueuelen 0 (Ethernet)
RX packets 5 bytes 378 (378.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 18 bytes 1480 (1.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ifconfig on docker
[root#master /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.18.0.2 netmask 255.255.0.0 broadcast 172.18.255.255
ether 02:42:ac:12:00:02 txqueuelen 0 (Ethernet)
RX packets 31 bytes 2530 (2.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 18 bytes 1428 (1.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
docker commit -m "hadoop" -a "hxp" def8faf07d6b hxp/hadoop:1.0
docker network create --driver=bridge --subnet=172.18.0.0/16 hadoop-net
docker run -itd -h master --name master --network hadoop-net --privileged -v /opt/docker:/opt/docker --ip 172.18.0.2 -p 50070:50070 -p 8088:8088 hxp/hadoop:1.0 /usr/sbin/init
I try route add on Windows, but it didn't work
route add 172.18.0.0 mask 255.255.0.0 192.168.27.143