-1

Context: I am using docker-compose.yml to set up a container for the mongoDB, where network sets up as following

...
services:
    mongo:
        networks:
            mongodb_net:
                ipv4_address: 192.168.178.23
networks:
    mongodb_net:
        ipam:
            config:
                - subnet: 192.168.178.0/24
...

which is exactly the same as the IP address of my WiFi connection.

Question:

After the setting above, why some websites are not accessible anymore (e.g. PING doesn't return any packages) on my browser?

I tried to change the YAML file to other IP address, the problem resolves. But I want to understand what was the reason. Is it because that the docker service occupies the same IP as the WiFi so that interrupting the normal internet access?

Xingdong
  • 1,305
  • 2
  • 13
  • 18
  • I don't think you can define a subnet as a single IP '192.168.178.23'? what if you made it 192.168.178.0/16 – james May 06 '20 at 13:10
  • @james I'm sorry, that was a typo. I've updated the question. the subnet was defined as `192.168.178.0/24`, but seems the major problem still came from that the ipv4_address defined as identical to the WiFi IP address. – Xingdong May 06 '20 at 13:18
  • ok no problem, what websites stop working exactly? is it your websites hosted locally, or public websites? Docker will spawn its own private subnet on your wifi - so technically the IP addresses could match, but they're private addresses on two different networks so they should not conflict – james May 06 '20 at 13:25
  • @james some public sites like Amazon, GitHub, etc. are not accessible, both from browser and PING. (but Google, Gmail, Outlook are fine) When I disconnect and reconnect WiFi, they work for a few seconds, and then inaccessible again. – Xingdong May 06 '20 at 13:58

1 Answers1

1

Docker defines its own network setup. You can see some details of this on Linux running ifconfig and looking at iptables output. If you manually configure a Docker network to have the same CIDR block as your external network, you can wind up in a sequence where:

  1. I want to call 8.8.8.8.
  2. It's not on any of my local networks, so I'll route to the default gateway 192.168.178.1.
  3. That address is on the docker1 network 192.168.178.0/24.

...and the outbound packets never actually leave your host.

You should almost never need to manually configure IP addresses or networks in Docker. It has its own internal network setup and handles this for you. In a Compose context, Compose will also do some additional setup that you generally need, like creating a default network; Networking in Compose has more details.

To get access to a container from outside of Docker space, you need to publish ports: out of that container, and then it will be reachable on your host's IP address at the published port.

services:
    mongo:
        ports: ['27017:27017']
        # no networks: or manual IP configuration; just use the `default` network
David Maze
  • 130,717
  • 29
  • 175
  • 215