BestHub
Sign in
Cloud Native 27 min read

Docker Container Networking and Network Modes Explained

This article provides a comprehensive guide to Docker container networking, covering the default networks, the four network modes (bridge, container, host, none), Linux network namespaces, veth pair creation, and practical container operations such as hostname configuration, DNS settings, port mapping, and custom bridge setup.

Top Architect
Top Architect
Top Architect
Docker Container Networking and Network Modes Explained

Docker Container Network

Docker automatically creates three default networks— bridge , host , and none —which can be listed with docker network ls . The default bridge mode creates a virtual bridge docker0 on the host, assigns each container a unique IP address (Container‑IP), and uses the bridge as the default gateway, allowing containers on the same host to communicate directly.

Docker's Four Network Modes

bridge : The default mode; containers connect to the docker0 bridge and obtain an IP from its subnet. Port mapping is performed via iptables DNAT rules (e.g., docker run -p 8080:80 … ).

container : Shares the network namespace of an existing container, using the same IP and ports while keeping separate file systems.

host : Shares the host’s network namespace; the container uses the host’s IP and ports directly, offering the best network performance but no isolation.

none : Provides an isolated network namespace with only a loopback interface; no network interfaces or IP are configured, suitable for tasks that do not require network access.

Network Namespace Operations

Linux network namespaces can be managed with the ip netns command. Example workflow:

# ip netns add ns0
# ip netns list
ns0
# ip netns exec ns0 ip link set lo up
# ip netns exec ns0 ip addr add 192.0.0.1/24 dev eth0

Two namespaces can be linked with a veth pair :

# ip link add type veth
# ip link set veth0 netns ns0
# ip link set veth1 netns ns1
# ip netns exec ns0 ip link set veth0 up
# ip netns exec ns0 ip addr add 192.0.0.1/24 dev veth0
# ip netns exec ns1 ip link set veth1 up
# ip netns exec ns1 ip addr add 192.0.0.2/24 dev veth1
# ip netns exec ns0 ping 192.0.0.2

The ping succeeds, demonstrating communication between the two namespaces via the veth pair.

Common Container Operations

View or set the container hostname: docker run --hostname myhost … .

Specify DNS servers: docker run --dns 114.114.114.114 … .

Add custom host entries: docker run --add-host example.com:1.1.1.1 … .

Expose container ports to the host with -p (e.g., docker run -p 192.168.203.138::80 httpd ) and view mappings via docker port .

Create custom bridges: edit /etc/docker/daemon.json (e.g., set "bip": "192.168.1.5/24" ) and restart Docker.

Launch containers on a user‑defined bridge: docker network create --driver bridge --subnet 192.168.2.0/24 --gateway 192.168.2.1 mybridge then docker run --network mybridge … .

These commands illustrate how to configure networking, isolate containers, and enable communication between containers and the host in various deployment scenarios.

DockerBridgeContainer NetworkingVethNetwork ModesHostLinux NamespaceNone
Top Architect
Written by

Top Architect

Top Architect focuses on sharing practical architecture knowledge, covering enterprise, system, website, large‑scale distributed, and high‑availability architectures, plus architecture adjustments using internet technologies. We welcome idea‑driven, sharing‑oriented architects to exchange and learn together.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment