Docker Networking Tutorial, ALL Network Types explained!

Okay, watching this at normal speed!

Yet another great video! I've recently been struggling setting up two piholes on the same host and your explanation of macvlan was 1000% times more concise than every other forum that I've read through over the past couple days. Keep up the great work! Liked and subscribed!

Incredible video. I’m currently binge watching your channel and I’m amazed by the the quality of all your content. Keep it going man, you are great!

Your videos are absolutely fantastic!! I used some of your tutorials to stand up docker / portainer on my raspberry pi to self host some things without having a potentially power hungry and noisy desktop running 24/7. I greatly appreciate the time you take to provide these wonderful videos!

I created a docker instance in VMWare ESXi and proceeded to follow your instructions. I could not get past the part where I assigned the newly created macvlan to an nginx container for example. The fix was to configure "Promiscuous Mode set to Accept" in my VMWare network settings. In case anyone should run into the same issue. Thank you for sharing Christian. Much appreciated as always. All the best in 2024.

This is probably one of the best explanations ive seen.

i'll be completely honest, i was literally thinking about this and probably mentioned it out loud near my computer and "boom" this was in my homepage waiting. I was trying to figure out if I should build a lab using containers w/ static IP's or just use Virtualbox in bridged mode so this really helped me.

I can appreciate this video.... It has helped my understanding greatly... My only suggestion would be to be careful on use of the term "Host" it can be quite confusing to follow because at times When you say "Host" you are referring to the Docker engine itself as a"Host" to/of the Containers via various "Docker Networks" and their "Docker Network Drivers" other times you are referring to the "Host" as in the machine running/"Hosting" the Docker Engine itself, there is a difference between the 2 and it helps to know which one you are referring to when following along! This is important when you are discussing the "Host Driver" vs "MacVlan Driver" and "IP Vlan Driver" because the Host in which you are referring to is the Physical or Virtual Machine "Hosting" the Docker engine! Took me a while to make this distinction and as a result I WAS GREATLY CONFUSED for a good minute! 😂... All in all... Excellent video! 👏👍

Hello Christian,
your videos are great, from my side perfect to understand. Please stay tuned, I learned so much.

As a newbie to understanding Docker concepts I can appreciate this video 👏.... It has helped my understanding greatly... My only suggestion would be to be careful on use of the term "Host" it can be quite confusing to follow because at times When you say "Host" you are referring to the Docker engine itself as a "Host" to/of the Containers via various "Docker Networks" and their "Docker Network Drivers" other times you are referring to the "Host" as in the machine running/"Hosting" the Docker Engine itself, there is a difference between the 2 and it helps to know which one you are referring to when following along! This is important when you are discussing the "Host Driver" vs "MacVlan Driver" and "IP Vlan Driver" because the Host in which you are referring to is the Physical or Virtual Machine "Hosting" the Docker engine! Took me a while to make this distinction and as a result I WAS GREATLY CONFUSED for a good minute! 😂... All in all... Excellent video! 👏👍

Nice video cristian. The explanation was concise. Just learned about the macvlan through your video. Thanks.

I spent probably 3h figuring out how to assign another external IP to a Bind9 container, doing a lot of research and trying with ChatGPT.
Found your video, solved in 5min !!!

Thank You man! I was just randomly watching this video and figured out how to solve port 53 issue for pi-hole in docker

even if the video is 1 year old it made my day!!! Thanks Chris very clear and well done

This is exactly what I was looking for! Thank you for the clear and concise explanations for all the different network configs, and also for stepping through each.

Thanks!

Finally somebody who explains that stuff clearly and without jargon! Thank you so much for your contributation!

This is a great, clear and concise explanation of these different network types. :)

4:21 - DNS limitation by using the DEFAULT bridge network
6:20 - network troubleshooting docker image
10:51 - mentioned about PI-hole (adguard like) issue

Great job, Christian. Very clear and informative... as always. Thanks

What a concise, well structured and informative video!

So amazing, this video saves me a lot of research 🧐. Well, thanks a lot bro!

This video was really helpful for me to get a nice quick understanding of docker networking, thank you!

very useful video, I solved one of my docker issues right after watching this!

Earned a subscriber with this one!! This helped me fix my Docker home assistant network problem!

I just started watching and I hope this lands nicely! You sound exactly like 'Klaus' on 'American Dad'
I love the show, by the way.
Now I'm going to watch your video!

Excellent video. Great examples and explanations.

Best docker video i've watched. Super informative.

Thank you for this refresher on docker networking. Has fixed my issue with trying to get HADR for Sql Server instances running in docker

VIelen Dank! Ich kann nicht verstehen, wie Menschen hier downvoten..
Very interesting! As a guy having a new job in IT as a career changer i need to close alot of knowledge gaps of stuff which seems to be common sense in IT. I like your style!

Thanks for the insight on the various network drivers on docker. I blindly used a macvlan from a tutorial for pihole but wanted to understand how it works.

Thanks for explanation of Host Network. Your my Man, you saved my Day/Night :)))

this is very good stuff, well explained. going to check that with dockerized pi-hole or adguard. thanks a bunch!

This was extremely helpful. Thank you !

Thanks for the video! I needed this one.

Really good video. Very well explained and well produced. You got yourself a new suscriber 👍🏽

Now I have watched your video - it was very informative. Thanks much for this. Much appreciated! 😎😎

Bro! Thanks for the video, but the biggest thanks for picture on your t-shirt! I had such poster on my wall in 90th! That's awsome))

Thanks ! Great explanations. Have a nice day

Very clear and precise. All your videos are amazing. Thanks Cristian!

Thanks a lot. I'm using syncthing in docker and the connection was always over relays. Using the host network driver solved the problem and now is over tcp lan.

Awesome as always! Thanks for sharing

Moin Moin,
Best explanation ever! keep up.

Nice video!! Am considering to use vlans of my router rather than a custom docker network to seperate dockers / services from each other. But I wonder that the benefits of that really would be? I can use the firewall for more granular interlan access rules but would also increase the load my firewall. Appreciate any insights ❤

Hi Cristian, this is a another great video. The Macvlan part is something I've been searching and searching for, always coming to a dead end. The way you have explained and demonstrated it is spot on and has solved my issues, and I've actually learned something! :)

simple explanation even with examples, great stuff!

Really informative. Just stumbled on to your channel. Fast paced and great information. Just managed to keep up as I'm completely new to docker. Subscribed to your channel. Thanks 🙂

Clear and too the point, that's what I was looking for !! Thank you so much

I am into 4 mins in the vid now, and I love it already, I am just learning docker and I never thought that docker could have a network(IP) since it runs on top of the OS. Gonna add this to my list of docker reference in the future.

it would be helpful if you can make a dedicated video on overlay networks and try to install Traefik and Portainer in swarm mode.

Nice tutorial, I knew a lot about networks in docker but learnt a couple of things, including the netshoot container, very useful.
Something that was not mentioned: macvlan containers can't reach bridge containers with their internal IP address (172.16.x.x), they can only reach the host ip and port, is this correct?
I created a traefik container and bound it to macvlan to make it get a distinct IP address, but it was unable to reach any container until I added a second network for traefik on the bridge network.

Thanks for this video and especially for the netshoot hint. This was something I missed a lot - until now ;-)

short, useful , great, awesome thanks alot

Great video, started watching network chucks got confused and came to your video. Makes a lot more sense. Couldn't find your cheat sheet in Github though :(

Hi Christian this has been excellent. When you created the macvlan why did you specify it on a different subnet '/32'?

Great explanation. I noticed a lot of people say you shouldn’t make the macvlan ips static … or at least minimize the static ips.
Are the only required static IPs you would need be a reverse proxy manager and a recursive DNS server?
You should be able to reference the host/container name in the proxy instead of an IP if the container is on the same network.
However the dns server will require an IP for the reverse proxy and the recursive server.
Is there another way?

"Who needs swarm?'" everyone who wants a simple cluster running one command "docker swarm init"

this guy knows his shiat. bravo !

Just getting started with docker and loving it. One thing I am struggling with is getting IPvLAN L2 working with fixed IP addresses through compose when the ipvlan already exists on the host, jus seem to get one error after another when specifying the existing network. I've got multiple USB interfaces on a debian instance loaded on a PC and am using IPvLAN as alternative to macvlan and having to setup promiscuous mode although I have macvlan 802.1q working on another host so I have no issue with the concept and have a good understanding of networking as a whole. I've setup an ipvlan with fixed addresses for a ipam container with a separate container for the database and this works no problem but I had to setup the containers the old fashioned way.

This was very helpful. Thank you!

Thx macvlan is what i needed for some containers

Your video is fantastic

Wow. Just wow. Thank you!

wonderful work

Loved this, thank you. I now feel like I have the knowledge to solve my current Docker networking problem - excited to try!

You're wonderful 👍

Great video! You cleared up my confusion on docker network. BTW! What are you using to show the AD block statistics in your browser startpage?

What ist your terminal you use in 17:19? I like it!

Hi, can macvlan take effect in the virtual machine, after I configure macvlan in the VMware virtual machine, the container cannot ping any ip or even the host

Awesome brother

Awesome video, really liking your content 🔥 I was wondering if you could help clear up something. In portainer I'm able to change the network of a container to 'container' mode that allows me to run containers through another containers network. In my case I run containers through a VPN container. However how is this done in a Docker compose file?

Interesting! What type of network should I use for my home server setup and run containers behind wireguard client for my torrenting?

Great video! Thanks! I’m on a mac and have had a gard time getting ipvlan to work over the wifi. As for now, I just need some containers for development tools (web dev) and would really like to get their own ip-numbers rather than running them as localhost… seems like it’s not as easy on Mac OS as in Linux at the moment. Any ideas? Cheers!

Excellent explanation

Great videos dude! can i ask why Owasp says we should set ICC to false? I am guessing they just mean they want us to use custom networks?

Very nice video, THX.

Thank you Christian for this great explanation. I do have a question is it possible to have a container in two networks? I'm trying to create a compose file with PiHole and Unbound. The Pihole has a macvlan for my network and also a bridge to communicate to unbound. But every time I want to compose it the bridge network on the PiHole gives an error Cannot start service pihole: No available addresses on this pool. IS it even possible to create a container in two different networks?

Greetings from Argentina

Hello Christian,
Many thanks for the video
where is the cheat sheet located, I visited your github and I cant find it, seems you have changed the location since your video
hope you can share link
thanks

Great video.

Great video!

Great stuff! Thanks!

Hello, Your video is what i needed . But I woul dlik eto do the same on MAC OSX . what is the solution to have two static IP on my HOST OSX?

Much appreciated, sir. Home Assistant and Plex containers conflict listening the same 1900 port while running on bridge connection fe

1. Can you modify the default bridge (name, ip, subnet, type) ?
2. When you create a custom network, how do you tell it what type to create, ip-range, subnet, etc...
3. Type shown: Host, Bridge, Null?, macvlan, ipvlan. Are there more ?
4. Can you change the default bridge that docker use for new containers?
5. Can any of these network do dhcp ip reservation using mac-address, or support static ip-address?
6. Does any of the network support ipv6, default seems to be ipv4?

Great video! One thing I noticed is that in WSL2 with Docker Desktop the behavior is rather different - when you create a new bridge network there is no interface created. I wonder how it works in this case.

That search-result seemed to be the answer to all my problems; I'm running PhotonOS ( docker environment for ) on my ESXi and just cannot figure that out. I cannot ping the host, nor does it seem like it got to talk to my router ( according to the devices list ).
How should I debug this?
I tried to enable promiscuous mode for the vmswitch but it is still not working.

great job.

Nice. Just a quick question, if we can ping a device (in a macvlan network) from another device in a spearate network, why is the scope local?

do you have a color preset? loving the purple on black.

You can just drop grep and use `ip a ` instead

Hey I I love your content and im learning a lot , can you please advise , How should the network from traefik be configured if i want it to also ping another internal server ?

Thank you so much

I commend you for a good video. Unfortunately, macvlan doesn't work so well on windows with WSL.

Nice video, TNX

Hello! awesome videos as always, I'm struggling to achieve two docker hosts on a physical server that has two ethernet ports, on of the hosts should expose a service in one of the ethernet ports and the other host should connect and receive data from services in the other port, this is an overlay network use case for what it looks like, or is there another way?

HI Always a big fan of your tuto, i´m wondering, can you advise me a good open source on-premise cloud ?

I am a tech professional of over 35 years and I am learning Docker on my own. I understand networks well but in beginning to think about how I want networks deployed.
I would prefer having a subnet that is container only. If I did this would I still use bridge or macvlan driver?

Hi, first I love this and the other videos. Just a question.
Is it possible to do this in docker-compose? And how do I do that?
I tryed it but it did not work for me.
Keep up the good work.

docker swarm good for small proj