Master Docker Networking: Bridge, Host, None, Container, Swarm Service Discovery

Introduction

Docker networking enables containers to communicate with each other, the host, and external networks. Selecting the appropriate network mode and configuring it correctly is essential for building efficient, secure, and scalable container solutions.

Docker Network Modes

Bridge Network

The default mode creates a virtual bridge docker0 on the host. Each container receives its own network namespace, IP address, and a virtual Ethernet interface eth0. Containers can talk to each other via the bridge, but they are isolated from the host’s external network and require NAT for outbound traffic.

Host Network

In host mode the container shares the host’s network stack, using the host’s IP address and ports directly. No separate network namespace is created, which eliminates NAT overhead and improves performance. However, isolation is reduced, and the mode is unsuitable for multi‑host communication.

None Network

Provides no network interfaces; the container only has a loopback interface.

Used for workloads that do not require network access or for network debugging.

Container Network

Allows a new container to share the network namespace of an existing container, reusing its IP address and ports while keeping separate filesystem and process spaces. This is useful for tightly coupled services such as a front‑end container sharing the network of a back‑end container.

Docker Network Drivers

Docker implements networking through Linux kernel features and a set of drivers, each suited for different scenarios.

bridge : Default driver; creates a local bridge for container‑to‑container communication on a single host.

host : Shares the host’s network stack; eliminates NAT but reduces isolation.

overlay : Builds a distributed network across multiple Docker daemons, enabling cross‑host container communication via an internal DNS.

macvlan : Assigns a MAC address to the container, allowing it to appear as a physical device on the host network.

ipvlan : Similar to macvlan but allocates IP addresses instead of MACs, offering greater scalability.

none : Disables networking entirely.

Docker Network Configuration

Create a Network

Use docker network create to define a new network, optionally specifying driver, subnet, gateway, IP range, and auxiliary addresses.

docker network create my-network

docker network create --driver overlay my-overlay-network

docker network create \
  --driver bridge \
  --subnet=172.25.0.0/16 \
  --gateway=172.25.0.1 \
  --ip-range=172.25.50.0/24 \
  --aux-address="my-router=172.25.50.10" \
  my-custom-network

Connect a Container to a Network

Attach a running container to a network with docker network connect or specify the network at container start using --network.

docker run --network my-network -d my-image

docker network connect my-network running-container

Docker Swarm Service Discovery & Load Balancing

Service Discovery

In Swarm mode, each service receives a DNS name and a virtual IP (VIP). Other services resolve the name via the built‑in DNS and reach the service through the VIP, abstracting away individual container IPs.

Load Balancing

When a service has multiple replicas, Swarm automatically distributes incoming requests across them using the internal load balancer built on Docker’s networking driver and iptables.

Conclusion

Docker offers a rich set of networking modes, drivers, and configuration commands that let you tailor container communication to a wide range of use cases, from isolated single‑container workloads to multi‑host, highly available services orchestrated with Swarm.