In recent articles we have talked a lot about containers. This article continues that trend and looks at how Docker networking works.
To understand basic Docker networking we first need some background. Let's read about namespaces in Linux, veth pairs and bridges.
Namespaces are a kernel feature that allows system resources to be partitioned. One such resource is networking. By default, our network lives in the default namespace. We do not notice this because the whole OS uses the same namespace.
A veth pair is just like a link cable. Whatever you send on one end of the pair will be received at the other end.
A bridge generally sits between two computers and decides where to forward a packet based on the packet's destination. You can think of a bridge as a switch.
Now, let’s start with Docker networking.
Whenever a new Docker container comes up, it has a veth pair by default. The following namespaces are present:
The network namespace for the default network interface, and the container namespace for the container.
One end of the container's veth pair resides in the bridge and the other end resides in the container's network namespace. Similarly, the other veth pair is between the bridge and the network namespace.
Thus anything arriving in the network namespace that is destined for a container is passed to the bridge over the veth pair, and the bridge forwards the packet to the corresponding veth pair depending on the destination. The other end of that veth pair, which is the container, receives the packet.
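As an added example (not from the original article), the shell functions below read `ip -o link show` output and report which bridge each host-side veth end is attached to and the ifindex of its peer inside the container. The sample listing is constructed and abridged, and the function names are illustrative.

```shell
#!/bin/sh
# Constructed, abridged sample of `ip -o link show` on a Docker host (not real data).
sample_host_links() {
cat <<'EOF'
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN \    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP \    link/ether 52:54:00:aa:bb:01 brd ff:ff:ff:ff:ff:ff
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP \    link/ether 02:42:aa:bb:cc:01 brd ff:ff:ff:ff:ff:ff
5: veth1a2b3c4@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP \    link/ether 3a:00:00:00:00:05 brd ff:ff:ff:ff:ff:ff link-netnsid 0
7: veth5d6e7f8@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP \    link/ether 3a:00:00:00:00:07 brd ff:ff:ff:ff:ff:ff link-netnsid 1
9: vethdead000@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP \    link/ether 3a:00:00:00:00:09 brd ff:ff:ff:ff:ff:ff link-netnsid 2
EOF
}

# Read `ip -o link show` on stdin; for each NAME@ifN interface (its peer lives
# in another namespace) print: host_if bridge peer_ifindex netnsid.
# bridge is "-" when there is no "master", i.e. the end is on no bridge.
map_veths() {
  awk '
    $2 ~ /@if[0-9]+:$/ {
      name = $2; sub(/:$/, "", name)
      split(name, parts, "@if")   # parts[1] = host end, parts[2] = peer ifindex
      bridge = "-"; nsid = "-"
      for (i = 3; i < NF; i++) {
        if ($i == "master")       bridge = $(i + 1)
        if ($i == "link-netnsid") nsid = $(i + 1)
      }
      print parts[1], bridge, parts[2], nsid
    }'
}

# Host-side end whose peer has the given ifindex. The index is only unique
# inside the peer's namespace, so the netnsid is matched as well.
host_veth_for_peer() {   # usage: host_veth_for_peer PEER_IFINDEX NETNSID
  map_veths | awk -v idx="$1" -v ns="$2" '$3 == idx && $4 == ns { print $1 }'
}

# Ends attached to no bridge, which the bridge therefore never forwards to.
unbridged_veths() {
  map_veths | awk '$2 == "-" { print $1 }'
}

# On a real host: ip -o link show | map_veths
sample_host_links | map_veths
```

The peer ifindex to look up is the number in front of `eth0` when `ip -o link show` is run inside the container.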
This article covered only how the bridge network works with containers. We will talk about other ways in later posts.