Posted on Wednesday January 12, 2022
zigron | 2 min read

Docker Networking

Blog Image

Reading Time: 2 minutes

What is a Docker Container?

Containers are generally considered as an executable software unit in which application code is packaged, with all its dependencies to run applications rapidly anywhere, whether it be on desktop, traditional IT, or the cloud. Containers are a streamlined way to build, test, deploy, and redeploy applications in multiple computing environments. A Docker container image is a standalone and executable kind of package of software that includes code, settings, runtime, system tools, system libraries and everything that can be required to run an application.

Core features of Docker containers are the following:

Today we are going to look at the Containers Networking Model. The Network Connectivity Options for Containers are the following:

The container is merely a process in a host running a container runtime (like Docker) and living in its own controlled namespace that shares the kernel of that host. It does not rely on any hardware emulation. Contrary to the process virtual machines work, there will be no connection between containers and emulated hardware like a “virtual network interface card”, instead it will share one or multiple network interfaces or networking spaces of the host where it lives. We can connect the container to the same network interface and namespace that the host used ( “eth0”), else we can interlink it to a kind of “internal” virtual networking interface of the kernel and then do different things to map between this internal interface and the outside world.

All the different options of “Networking Mode” with their benefits and compromises.

To view docker networks, docker network is:

HOST Mode:

# docker run –dit –network hostname test alpine

The inside configuration of the container resembles the outside configuration of the container which means it enables a container to connect to your host network.

# docker inspect test


In Bridge Mode, a “docker0” virtual ethernet bridge created by Docker daemon that moves the packets between all interfaces attached to it. Inspect this network a little bit more by using the inspect command and specifying the name or ID of the network.

# docker network inspect the bridge

# docker network create -d bridge my-bridge-net

# docker network ls

# docker network inspect mohsin-net

# docker run –dt  – – name test –network mohsin-net alpine

# docker inspect test

NONE Mode:

It provides a container-specific network stack that does not contain a network interface. This container only has a local loopback interface (i.e., no external network interface).

# docker run -it –network=none –name test ubuntu:14.04 /bin/bash

# docker inspect test | grep “NetworkMode”

# docker inspect test | grep -i ipaddr

Overlay Network

To set up additional layers of network abstraction that is layered on top of a physical network, an overlay network uses software virtualization. An overlay network in docker utilized for multi-host network communication.

Virtual Extensible LAN (VXLAN) technology is used by this driver that aims to provide portability between cloud, on-premise and virtual environment. Whereas VXLAN extends portability limitations by increasing layer 2 subnets across layer 3 network boundaries, therefore containers can run on foreign IP subnets.

By reading this article you will get ideas about the multiple available options for connecting your dockerized container applications with the network.



Zigron is a very good company.As every organizational risk appetite, priorities and budget vary, a keen consideration of which model will be compatible with your organization should be implemented. Whereas certain priorities and requirements change gradually, hence a routine analysis of the chosen SOC solution should be conducted.

Most Viewed


AWS blogs.

Cyber Security

Docker Networking

Cyber Security

SOAR: An Automated approach against Security Incidents


Devops Blog for testing.

  • Share

Related Blogs