docker container can only access by host when the docker0 in promiscuous mode

Question

As the title. I can only access my docker container from the host when docker0 in promiscuous mode, even I had stopped my firewalld.service.

I start the container by this command docker run -p 9000:80 --name nginx --rm nginx.
And when I try to connect to the server: curl 127.0.0.1:9000, it returns: Recv failure: Connection reset by peer

But if I run tcpdump on the docker0 like this:
sudo tcpdump -i docker0
everything just works as expected. After some searching, I found the tcpdump command convert the docker0 interface to promiscuous mode.

my host system: centos-release-7-7.1908.0.el7.centos.x86_64
Docker version: 19.03.8

How are you starting the container? How are you trying to access it? Have you made changes to the default Docker network setup? — David Maze, Apr 27 '20 at 11:34

score 1 · Answer 1 · answered Apr 28 '20 at 03:21

1

Finally, I find a solution! It turns out to be a bad interface. I have to remove the docker0 interface and restart the docker service. Then the problem just disappears!

sudo ip link delete docker0
sudo systemctl restart docker.service

answered Apr 28 '20 at 03:21

欧阳维杰

1,608
1
14
22

docker container can only access by host when the docker0 in promiscuous mode

1 Answers1

Linked