Network internals

Network internals

Egress

Daemon provides local network

CIDR 172.16.0.0/12 (netmask 255.240.0.0)

172.16.0.0 - 172.31.255.255 (1.048.576 addresses)

Containers are assigned a local IP address

Outgoing traffic is translated (source NAT)

–

Network internals

Containers are not reachable directly

Incoming traffic requires published port

Published ports are mapped from the host to the container

Only one container can use a published port

–

Network internals

docker run –d --name nginx1 nginx
docker run -d --name nginx2 -p 80:80 nginx
docker ps