Master Docker Networking: Bridge, Host, None, Container & Swarm Explained
This article explains Docker’s various network modes—including bridge, host, none, and container—detailing their architecture, use‑cases, and limitations, and also covers Docker’s network drivers, how to create and connect networks via CLI, and the service discovery and load‑balancing features provided by Docker Swarm.
Introduction
Docker networking is a core component that enables containers to communicate with each other, the host, and external networks. Selecting the appropriate network mode and driver is essential for building efficient, secure, and scalable container solutions.
Docker Network Modes
Bridge Network
The bridge mode is Docker’s default. When the Docker daemon starts, it creates a virtual bridge called docker0 on the host. Each container receives its own network namespace, IP address, and a virtual Ethernet interface eth0 that connects to docker0. Containers can communicate on a Layer‑2 network, but they are isolated from the host’s network and require NAT for external access.
Host Network
In host mode, a container shares the host’s network namespace, using the host’s IP address and network interfaces directly. No separate IP address or NAT is involved, which improves performance. However, isolation is reduced, and the container inherits the host’s security posture.
None Network
In none mode, the container gets no network interfaces except a loopback device. It cannot reach external networks and cannot be reached from outside, which makes this mode suitable for isolated workloads or network‑debugging scenarios.
Container Network
In container mode, a new container shares the network namespace of an existing container. Both containers use the same IP address and port space while keeping separate file systems and process lists.
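As an added example (not part of the original article), this Python sketch sorts containers into the four modes above using the `HostConfig.NetworkMode` field of `docker inspect` JSON, and lists the ones running in host or container mode, where the network namespace is shared. The sample data, container names and IDs, and the function names are constructed for illustration.

```python
import json

# Constructed sample shaped like `docker inspect` output, trimmed to the
# fields used here. Container names and IDs are made up.
SAMPLE_INSPECT = json.dumps([
    {"Id": "aaa111", "Name": "/web", "HostConfig": {"NetworkMode": "bridge"}},
    {"Id": "bbb222", "Name": "/metrics", "HostConfig": {"NetworkMode": "host"}},
    {"Id": "ccc333", "Name": "/batch", "HostConfig": {"NetworkMode": "none"}},
    {"Id": "ddd444", "Name": "/sidecar", "HostConfig": {"NetworkMode": "container:aaa111"}},
    {"Id": "eee555", "Name": "/api", "HostConfig": {"NetworkMode": "my-network"}},
])

def classify(mode, known):
    """Map a HostConfig.NetworkMode value to (mode, isolation note)."""
    if mode in ("default", "bridge"):
        return "bridge", "own namespace on docker0; NAT for external access"
    if mode == "host":
        return "host", "shares the host's network namespace"
    if mode == "none":
        return "none", "loopback only"
    if mode.startswith("container:"):
        target = mode.split(":", 1)[1]
        # Resolve the peer to a readable name when it is in this listing.
        peer = known.get(target, target)
        return "container", f"shares IP and port space with {peer}"
    # Anything else is the name of a user-defined network.
    return "user-defined", f"attached to network '{mode}'"

def audit(inspect_json):
    """Return (name, mode, note) for every container in the inspect output."""
    containers = json.loads(inspect_json)
    known = {}
    for c in containers:
        name = c["Name"].lstrip("/")
        known[c["Id"]] = name
        known[name] = name
    return [(c["Name"].lstrip("/"),
             *classify(c["HostConfig"]["NetworkMode"], known))
            for c in containers]

def needs_review(report):
    """Containers whose network namespace is shared with the host or a peer."""
    return [name for name, kind, _ in report if kind in ("host", "container")]

if __name__ == "__main__":
    for name, kind, note in audit(SAMPLE_INSPECT):
        print(f"{name:10} {kind:13} {note}")
    print("review:", ", ".join(needs_review(audit(SAMPLE_INSPECT))))
```

On a real host, the input would be the JSON printed by `docker inspect` for the running containers instead of the constructed sample.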
Docker Network Drivers
Docker implements networking through Linux kernel features and a set of drivers, each suited to different scenarios:
bridge: Default driver for single‑host container communication.
host: Shares the host’s network stack.
overlay: Creates a distributed network across multiple Docker daemons, enabling cross‑host container communication via an internal DNS service.
macvlan: Assigns a MAC address to a container, allowing it to appear as a physical device on the host’s network.
ipvlan: Similar to macvlan, but containers share the parent interface’s MAC address and are distinguished by their IP addresses.
none: Disables networking entirely.
Docker Network Configuration
Creating a network:
docker network create [OPTIONS] NETWORK
Example – create a bridge network (bridge is the default driver):
docker network create my-network
Example – create an overlay network:
docker network create --driver overlay my-overlay-network
Example – create a custom bridge network with a specific subnet, gateway, IP range, and auxiliary address:
docker network create \
  --driver bridge \
  --subnet=172.25.0.0/16 \
  --gateway=172.25.0.1 \
  --ip-range=172.25.50.0/24 \
  --aux-address="my-router=172.25.50.10" \
  my-custom-network
Connecting a container to a network:
docker run --network <network-name> <other-options> <image>
Or using the explicit connect command:
docker network connect my-network running-container
Docker Swarm Service Discovery and Load Balancing
When Docker runs in Swarm mode, it provides built‑in service discovery and load balancing. Each service receives a DNS name and a virtual IP (VIP). Containers can reach a service by name without knowing the underlying container IPs. Swarm automatically distributes traffic among multiple service replicas using the built‑in load balancer based on iptables and the overlay driver.
Conclusion
Docker offers a rich set of networking modes, drivers, and CLI commands that let users tailor container communication to their specific needs, from isolated single‑host setups to multi‑host, highly available Swarm clusters.
Liangxu Linux
Liangxu, a self‑taught IT professional now working as a Linux development engineer at a Fortune 500 multinational, shares extensive Linux knowledge—fundamentals, applications, tools, plus Git, databases, Raspberry Pi, etc. (Reply “Linux” to receive essential resources.)
