How to troubleshoot Docker network issues?

· Category: Docker

Short answer

Troubleshoot Docker networking by verifying network attachment, inspecting configurations, testing DNS resolution, and checking firewall rules. Tools include docker network inspect, ping, nslookup, and iptables.

Steps

  1. Verify the container is on the correct network with docker inspect.
  2. Check network configuration with docker network inspect <network>.
  3. Test connectivity from inside the container:
docker exec -it mycontainer sh
ping <target>
nslookup <hostname>
  1. Examine host firewall rules:
sudo iptables -L -v -n
  1. Review Docker daemon logs for errors.

Tips

  • Use a debug container with networking tools:
docker run --rm --network container:mycontainer nicolaka/netshoot
  • Check if DNS is working inside the container by inspecting /etc/resolv.conf.
  • Ensure MTU settings match between Docker and the host network.

Common issues

  • DNS resolution fails on the default bridge network; use custom networks.
  • Firewall rules block traffic between subnets.
  • Port mappings fail because the host port is already in use.
  • Overlay network issues often stem from incorrect Swarm setup or firewall blocking VXLAN ports.