Docker containers can't communicate on the outside network
Clash Royale CLAN TAG#URR8PPP
We have a Docker host (A virtual machine) hosted on VMware. This docker host has two network interfaces. ens160 and ens192
- ens192 is configured with a normal IP address
- ens160 is configured without an IP address with promiscuous mode ON
- Promiscuous mode is also ON in the Port Group in vmware
- IP forwarding is enabled :
net.ipv4.ip_forward=1 - firewalld on the Dockerhost is off
Interfaces
[root@dockerone ~]# netstat -i
Kernel Interface table
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
docker0 1500 393 0 0 0 1405 0 0 0 BMRU
ens160 1500 16034090 0 89 0 1255 0 0 0 BMPRU
ens192 1500 96324 0 1 0 6352 0 0 0 BMRU
ens160.2 1500 97658 0 0 0 362 0 0 0 BMPRU
Network Creation
docker network create -d macvlan --subnet=10.200.131.0/24 --gateway=10.200.131.1 -o parent=ens160.231 macvlan231
Container creation
docker run --name alp1 --net=macvlan231 --ip=10.200.131.191 -itd alpine /bin/sh
docker exec -it alp1 sh
docker run --name alp2 --net=macvlan231 --ip=10.200.131.190 -itd alpine /bin/sh
docker exec -it alp2 sh
The two containers can communicate with one another but not to the outside world.
linux centos docker vmware
edited Feb 19 at 10:56
Mr Shunz
3,45912128
asked Feb 19 at 10:45
RoadripperRoadripper
1
add a comment |
We have a Docker host (A virtual machine) hosted on VMware. This docker host has two network interfaces. ens160 and ens192
- ens192 is configured with a normal IP address
- ens160 is configured without an IP address with promiscuous mode ON
- Promiscuous mode is also ON in the Port Group in vmware
- IP forwarding is enabled :
net.ipv4.ip_forward=1 - firewalld on the Dockerhost is off
Interfaces
[root@dockerone ~]# netstat -i
Kernel Interface table
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
docker0 1500 393 0 0 0 1405 0 0 0 BMRU
ens160 1500 16034090 0 89 0 1255 0 0 0 BMPRU
ens192 1500 96324 0 1 0 6352 0 0 0 BMRU
ens160.2 1500 97658 0 0 0 362 0 0 0 BMPRU
Network Creation
docker network create -d macvlan --subnet=10.200.131.0/24 --gateway=10.200.131.1 -o parent=ens160.231 macvlan231
Container creation
docker run --name alp1 --net=macvlan231 --ip=10.200.131.191 -itd alpine /bin/sh
docker exec -it alp1 sh
docker run --name alp2 --net=macvlan231 --ip=10.200.131.190 -itd alpine /bin/sh
docker exec -it alp2 sh
The two containers can communicate with one another but not to the outside world.
linux centos docker vmware
edited Feb 19 at 10:56
Mr Shunz
3,45912128
asked Feb 19 at 10:45
RoadripperRoadripper
1
add a comment |
We have a Docker host (A virtual machine) hosted on VMware. This docker host has two network interfaces. ens160 and ens192
- ens192 is configured with a normal IP address
- ens160 is configured without an IP address with promiscuous mode ON
- Promiscuous mode is also ON in the Port Group in vmware
- IP forwarding is enabled :
net.ipv4.ip_forward=1 - firewalld on the Dockerhost is off
Interfaces
[root@dockerone ~]# netstat -i
Kernel Interface table
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
docker0 1500 393 0 0 0 1405 0 0 0 BMRU
ens160 1500 16034090 0 89 0 1255 0 0 0 BMPRU
ens192 1500 96324 0 1 0 6352 0 0 0 BMRU
ens160.2 1500 97658 0 0 0 362 0 0 0 BMPRU
Network Creation
docker network create -d macvlan --subnet=10.200.131.0/24 --gateway=10.200.131.1 -o parent=ens160.231 macvlan231
Container creation
docker run --name alp1 --net=macvlan231 --ip=10.200.131.191 -itd alpine /bin/sh
docker exec -it alp1 sh
docker run --name alp2 --net=macvlan231 --ip=10.200.131.190 -itd alpine /bin/sh
docker exec -it alp2 sh
The two containers can communicate with one another but not to the outside world.
linux centos docker vmware
edited Feb 19 at 10:56
Mr Shunz
3,45912128
asked Feb 19 at 10:45
RoadripperRoadripper
1
We have a Docker host (A virtual machine) hosted on VMware. This docker host has two network interfaces. ens160 and ens192
- ens192 is configured with a normal IP address
- ens160 is configured without an IP address with promiscuous mode ON
- Promiscuous mode is also ON in the Port Group in vmware
- IP forwarding is enabled :
net.ipv4.ip_forward=1 - firewalld on the Dockerhost is off
Interfaces
[root@dockerone ~]# netstat -i
Kernel Interface table
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
docker0 1500 393 0 0 0 1405 0 0 0 BMRU
ens160 1500 16034090 0 89 0 1255 0 0 0 BMPRU
ens192 1500 96324 0 1 0 6352 0 0 0 BMRU
ens160.2 1500 97658 0 0 0 362 0 0 0 BMPRU
Network Creation
docker network create -d macvlan --subnet=10.200.131.0/24 --gateway=10.200.131.1 -o parent=ens160.231 macvlan231
Container creation
docker run --name alp1 --net=macvlan231 --ip=10.200.131.191 -itd alpine /bin/sh
docker exec -it alp1 sh
docker run --name alp2 --net=macvlan231 --ip=10.200.131.190 -itd alpine /bin/sh
docker exec -it alp2 sh
The two containers can communicate with one another but not to the outside world.
linux centos docker vmware
linux centos docker vmware
edited Feb 19 at 10:56
Mr Shunz
3,45912128
asked Feb 19 at 10:45
RoadripperRoadripper
1
edited Feb 19 at 10:56
Mr Shunz
3,45912128
asked Feb 19 at 10:45
RoadripperRoadripper
1
edited Feb 19 at 10:56
Mr Shunz
3,45912128
edited Feb 19 at 10:56
Mr Shunz
3,45912128
edited Feb 19 at 10:56
Mr Shunz
3,45912128
3,45912128
asked Feb 19 at 10:45
RoadripperRoadripper
1
asked Feb 19 at 10:45
RoadripperRoadripper
1
asked Feb 19 at 10:45
RoadripperRoadripper
1
1
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
Ahh figured it out...
On the VMware virtual switch port group, all three need to be enabled:
1. Promiscous Mode
2. MAC Address Changes
3. Forged transmits
answered Feb 19 at 16:11
RoadripperRoadripper
1
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f501559%2fdocker-containers-cant-communicate-on-the-outside-network%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Ahh figured it out...
On the VMware virtual switch port group, all three need to be enabled:
1. Promiscous Mode
2. MAC Address Changes
3. Forged transmits
answered Feb 19 at 16:11
RoadripperRoadripper
1
add a comment |
Ahh figured it out...
On the VMware virtual switch port group, all three need to be enabled:
1. Promiscous Mode
2. MAC Address Changes
3. Forged transmits
answered Feb 19 at 16:11
RoadripperRoadripper
1
add a comment |
Ahh figured it out...
On the VMware virtual switch port group, all three need to be enabled:
1. Promiscous Mode
2. MAC Address Changes
3. Forged transmits
answered Feb 19 at 16:11
RoadripperRoadripper
1
Ahh figured it out...
On the VMware virtual switch port group, all three need to be enabled:
1. Promiscous Mode
2. MAC Address Changes
3. Forged transmits
answered Feb 19 at 16:11
RoadripperRoadripper
1
answered Feb 19 at 16:11
RoadripperRoadripper
1
answered Feb 19 at 16:11
RoadripperRoadripper
1
answered Feb 19 at 16:11
RoadripperRoadripper
1
1
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f501559%2fdocker-containers-cant-communicate-on-the-outside-network%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
