Docker custom network and custom bridge pool

Docker by default allocates container networks from the 172.17.0.0/16 private range. This can conflict with subnets you already use in your network environment and causes routing problems when clients from those same subnets try to reach Docker services: the host routes the reply packets into the container bridge instead of back to the clients.

To solve this, pick subnets that are not used anywhere on your network and assign them to Docker. You can do this in the daemon.json file.

Edit the file (if it doesn’t exist, create it):

nano /etc/docker/daemon.json

Add this and edit to your needs:

{
  "bip": "172.17.192.1/26",
  "default-address-pools": [
    {
      "base": "172.17.192.64/28",
      "size": 29
    }
  ]
}

“bip”: “172.17.192.1/26” – address and subnet of the docker0 interface (the default bridge)
“base”: “172.17.192.64/28” – address pool from which user-defined container bridges are allocated
“size”: 29 – prefix length of each bridge network carved out of the pool; the larger the number, the smaller each bridge

Save file and restart docker:

service docker restart

If you use docker-compose, first remove its containers and networks with:

docker-compose down

If other old bridge networks remain, list them with:

docker network ls

and delete with:

docker network rm network_name

or delete all networks with:

docker network prune
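A small check, added here and not part of the original post, that the values in daemon.json carve out bridge subnets which overlap neither each other nor the subnets already routed on the host. The daemon.json text and the list of existing routes are constructed sample inputs (the routes stand in for what you would collect from `ip route`); the function names are my own.

```python
import ipaddress
import json

# Constructed daemon.json with the same values the post uses.
DAEMON_JSON = """{
  "bip": "172.17.192.1/26",
  "default-address-pools": [
    {"base": "172.17.192.64/28", "size": 29}
  ]
}"""

# Constructed list of subnets already routed on the host (placeholder values):
# 172.17.0.0/24 is the LAN that collides with Docker's default 172.17.0.0/16.
EXISTING_ROUTES = ["10.0.0.0/8", "172.17.0.0/24", "192.168.1.0/24"]


def pool_subnets(base, size):
    """Enumerate the per-bridge subnets Docker can carve out of one pool entry."""
    net = ipaddress.ip_network(base, strict=True)
    if size < net.prefixlen:
        raise ValueError(f"size {size} is smaller than the base prefix /{net.prefixlen}")
    return list(net.subnets(new_prefix=size))


def check_config(daemon_json, existing_routes):
    """Return docker0's subnet, the bridge subnets, and any overlaps found."""
    cfg = json.loads(daemon_json)
    docker0 = ipaddress.ip_interface(cfg["bip"]).network
    existing = [ipaddress.ip_network(r) for r in existing_routes]
    problems, bridges = [], []
    for pool in cfg["default-address-pools"]:
        base = ipaddress.ip_network(pool["base"])
        bridges.extend(pool_subnets(pool["base"], pool["size"]))
        # bip and the pool must not share addresses, or docker0 steals pool space.
        if docker0.overlaps(base):
            problems.append(f"bip {docker0} overlaps pool {base}")
    # Neither docker0 nor any bridge may overlap a subnet the host already routes.
    for net in [docker0] + bridges:
        for used in existing:
            if net.overlaps(used):
                problems.append(f"{net} overlaps existing route {used}")
    return {"docker0": str(docker0),
            "bridges": [str(b) for b in bridges],
            "problems": problems}


if __name__ == "__main__":
    print(json.dumps(check_config(DAEMON_JSON, EXISTING_ROUTES), indent=2))
```

The page's values produce two /29 bridge subnets and no overlaps, while a docker0 of 172.17.0.1/16 against the same routes is flagged.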

Alternatively, use a portion of a public address range that you are never going to need to reach, for example (keep in mind that any real hosts in that range become unreachable from the Docker host and its containers):

{
  "bip": "100.100.100.1/26",
  "default-address-pools": [
    {
      "base": "100.100.100.64/28",
      "size": 29
    }
  ]
}

Or use host networking, which binds the container directly to the host’s network stack. You lose container network isolation with this method: https://docs.docker.com/network/host/
