12

I'm "dockerizing" an app which does UDP broadcast heartbeating on a known port. This is with docker-engine-1.7.0 on a variety of hosts (Fedora, Centos7, SLES 12).

I notice that the 'docker0' bridge on the docker host and 'eth0' inside the container each have a broadcast address of 0.0.0.0.

Assuming admin privilege on the host I can manually set the broadcast address on docker0. Likewise in the container (if the container is running privileged or with NET_ADMIN, NET_BROADCAST), but I'm curious why the broadcast address isn't set by default. Is there a configuration option I'm missing for Docker to do this automatically?

Host:

# ifconfig docker0 broadcast 172.17.255.255 up
# tcpdump -i docker0 -p 5000

Container:

# ifconfig eth0 broadcast 172.17.255.255 up
# echo "Hello world" | socat - UDP-DATAGRAM:172.17.255.255:5000,broadcast

Broadcast from the host to the container also works once the broadcast addresses are set.

Chris Love
  • 121
  • 1
  • 3

1 Answers1

0

if you are passing NET_ADMIN to the Docker container, I would not use the docker0 network at all for your application.

If I understood correctly what you are trying to do, the UDP broadcast heartbeating on a known port is used by Docker containers that belong to different hosts to find each other, and not by different docker containers in the same host.

I would then recommend to use --net=host:

docker run --net=host --cap-add NET_ADMIN ....

Like this if you get a shell into the docker container, you will see that the network environment is exactly the same one of the host that is running the containers. If your application was running on that server earlier using UDP broadcast, it will work exactly in the same way in the docker container.

Saverio Proto
  • 1,085
  • 9
  • 20