I have docker installed on my local but I can not ping it in Mac but I can ping on Ubuntu for same thing.
$ docker inspect -f '{{ .NetworkSettings.IPAddress }}' n1
172.17.0.2
$ ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
Request timeout for icmp_seq 5
^C
--- 172.17.0.2 ping statistics ---
7 packets transmitted, 0 packets received, 100.0% packet loss
I installed docker on mac following https://docs.docker.com/docker-for-mac/
That's normal.
Take a look at your Mac's interface config - there is no 172.x.x.x network on the Mac itself. Those live in the xhyve Linux VM that is actually hosting Docker.
Network connections are mapped through when you use port maps (e.g. docker run -p ...) but ping will not work like this.
It is not just ping. As commented in issue 155
xhyve vm inside Docker for Mac hasn't no Network Adapter. Or routable IP like boot2docker (192.168.100.99 like that)
With boot2docker and a route command its possible to Route all the Container ips to the vm Network.
We need this for xhyve.
(there are a lot of threads on this topic in Docker for Mac forum)
Related
Expected behavior
I expect the ping to be the same on the host OS than in the Docker
Actual behavior
I use Linux Container
Ping Test done on www.google.com
ping on the host OS : 6ms
ping in the docker : 11ms
Information
Windows Version: 10 build 1903
Docker Desktop Version: 2.1.4.0
I have a Docker with Fedora 29 inside.
I observed that the ping in the docker is very high compare to the ping from the host OS.
Even when i ping a site like google, the ping is higher in docker.
I also try the ping with the fedora remix distribution in WSL 2 and the ping is the same than the host OS (6ms).
WSL use Hyper-V also so i think the problem came from docker VM.
docker network : "bridge".
network card : vEthernet (Docker NAT)
I try to observe the network flow with wireshark.
On the ethernet adapter i see that the" requets ping" are the same on both Windows and Docker and the response time is the same.
But impossible to observe the packet transfert from "ethernet adapter" to "vEthernet DockerNAT" with wireshark.
This is a big problem for me because i use this docker for transferring file by sshfs and the download speed is 4 times slower with docker than WSL 2.
Do you have some idea ?
Thanks for reading :)
After installed the ClickHouse on Ubuntu 18.04.2 in Hyper-V VM, I use clickhouse-client inside the VM to connect, it works fine.
I used the browser in Host PC to open http://127.27.16.11:8123, it shows ERR_CONNECTION_REFUSED error. Then I edit the /etc/clickhouse-server/config.xml and uncomment the 0.0.0.0 and restart the clickhouse-server. I refresh the browser and it shows OK status.
However, when I use clickhouse-client inside the VM to connect server again, it prompts Connection refused. Is there any way to enable both local and remote connection?
Also tried to enable both IPv4 and IPv6
::
0.0.0.0
ubuntu02:/$ clickhouse-client
ClickHouse client version 19.11.3.11 (official build).
Connecting to localhost:9000 as user default.
Connected to ClickHouse server version 19.11.3 revision 54423.
ubuntu02 :) quit
Bye.
ubuntu02:/$ sudo vi /etc/clickhouse-server/config.xml
[sudo] password for panco:
##uncomment
<listen_host>0.0.0.0</listen_host>
ubuntu02:/$ ping ubuntu02
PING ubuntu02 (172.27.16.11) 56(84) bytes of data.
64 bytes from ubuntu02 (172.27.16.11): icmp_seq=1 ttl=64 time=0.015 ms
64 bytes from ubuntu02 (172.27.16.11): icmp_seq=2 ttl=64 time=0.040 ms
^C
--- ubuntu02 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3039ms
rtt min/avg/max/mdev = 0.015/0.033/0.040/0.012 ms
ubuntu02:/$ sudo service clickhouse-server restart
ubuntu02:/$ clickhouse-client
ClickHouse client version 19.11.3.11 (official build).
Connecting to localhost:9000 as user default.
Code: 210. DB::NetException: Connection refused (localhost:9000)
Code: 210. DB::NetException: Connection refused (localhost:9000)
found the answer, I was too focus on those IP that I used is IPv4, indeed, Ubuntu enable IPv6 by default installation. It just simple uncomment this line
<listen_host>::</listen_host>
The problem is solved. Thanks Slesh for your kindly respond anyway.
Try This :
clickhouse-client -h 127.0.0.1
You can to specify few host to listen. Try this configuration:
<!-- Listen specified host. use :: (wildcard IPv6 address), if you want to accept connections both with IPv4 and IPv6 from everywhere. -->
<listen_host>::</listen_host>
<!-- Default values - try listen localhost on ipv4 and ipv6: -->
<listen_host>::1</listen_host>
<listen_host>127.0.0.1</listen_host>
Need to know the port of clickhouse
netstat -tulpn | grep LISTEN
And connect externally IP.
ex.
clickhouse-client -h 1.12.123.45 --port 9020 -u default --password my_strong_pass
I have a brand new IBM CP 3.1.2 cluster up and running. I've deployed my workloads on it, mostly go microservices. The containers can't start and log an error because it can't access an external redis server on port 6379.
The cluster is installed with the firewall mode to false.
I have double checked that the IP, port and credentials are correct.
I have checked that the port on the distant redis server is reachable from the nodes directly. I've checked that the calico policy is in allowed mode for outbound and inbound traffic.
I also have used a throwable busybox container, and it can't telnet the distant redis server either but it can ping it.
From the nodes :
telnet REDIS_SERVER 6379
Trying REDIS_SERVER...
Connected to REDIS_SERVER.
Escape character is '^]'.
From the busybox container, inside the cluster (kubectl run -i --rm --tty busybox --image=busybox -- sh) :
telnet REDIS_SERVER 6379
ping REDIS_SERVER
64 bytes from REDIS_SERVER: seq=0 ttl=59 time=1.415 ms
64 bytes from REDIS_SERVER: seq=1 ttl=59 time=1.376 ms
64 bytes from REDIS_SERVER: seq=2 ttl=59 time=1.674 ms
64 bytes from REDIS_SERVER: seq=3 ttl=59 time=1.705 ms
Is there something that I'm missing ?
The port was blocked because of a missing istio egress policy.
Once I've added the egress policy my pods were able to communicate with the distant REDIS server.
If I understood correctly the telnet failed inside of your pod, is that correct?
You can ping it but cannot telnet?
Does it happens if you go to other pod?
I am running a windows docker container on a Windows Server 2016 host, running default configuration.
When running the docker container using the command:
docker run -it microsoft/windowsservercore powershell
When I run the command:
ping <hostIPAddress>
It just says that the request times out.
I have checked that I can ping 8.8.8.8 and google.com etc... and even other machines on the same subnet. The only one I cannot ping is the host.
I have added '--dns ' to the 'docker run' command but this only allows me to ping the host machine via hostname and not IP.
Has anyone else seen this problem and have a solution?
I found a workaround (I'm not willing to call it a solution):
Windows Container Network Drivers: create a 'transparent' network:
docker network create -d transparent trans
Attach container to this network
docker run --network=trans ...
Important: Please note, that with this network, your container needs to obtain an IP Adress from the Host Subnet and it is directly exposed to it.
maybe related (this is about access the containers from the host):
According to https://github.com/Microsoft/Virtualization-Documentation/issues/253#issuecomment-217975932 (JMesser81):
This is a known limitation in our Windows NAT implementation (WinNAT) that you cannot access the external port in a static port mapping directly from the container (NAT) host.
Hoping this might help somebody.
On Windows 10 when hosting a Linux container on 0.0.0.0:5057 I was able to ping my server from my Windows host (powershell) using the IP address of the vEthernet (Default Switch) NIC found in Control Panel>All Control Panel Items>Network Connections:
In my case I have a corporate managed McAfee firewall running on my Windows host. I could not add any additional rules on the firewall, but fortunately there was a rule that allowed access from 172.16.0.0/24.
I used "docker network create -d transparent trans" and it worked as described, but I was not happy with an IP from my host network assigned to the container.
I did the following:
docker network create --driver=nat --subnet=172.16.0.0/24 br0
Added --network=br0 to my docker run command
I am facing the same issue.
My workaround is to restart docker service, afterwards it works fine. I'm still looking for a permanent solution.
root#a6c40eb25cbf:/# ping xxx.xx.xx.xxx
PING xxx.xx.xx.xxx (xxx.xx.xx.xxx): 56 data bytes
64 bytes from xxx.xx.xx.xxx: icmp_seq=0 ttl=37 time=3.541 ms
64 bytes from xxx.xx.xx.xxx: icmp_seq=1 ttl=37 time=2.643 ms
64 bytes from xxx.xx.xx.xxx: icmp_seq=2 ttl=37 time=1.857 ms
^C--- xxx.xx.xx.xxx ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
This works for me, I hope it works for you.
Currently, you must have WSL or WSL2 installed and have Virtualization enabled to run Docker on Windows.
The installation of WSL from PowerShell is with the following command.
wsl --install -d Ubuntu
Obviously you need to download and install Docker Desktop on Windows. It will be necessary to enable the WSL integration from the Docker desktop settings after installing it.
After configuring WSL and Docker Desktop, you can create/use your containers. Example:
docker run --name some-postgres -e POSTGRES_PASSWORD=mysecretpassword -d postgres
Finally you must identify the IP of WSL, you must open the Linux distribution that you installed in the first step, in our case Ubuntu, this will open your terminal and here we will execute:
ifconfig
and you will identify the ip of eth0. Example: 172.27.123.123
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.27.123.123 netmask 255.255.240.0 broadcast 172.27.127.255
inet6 fe80::215:5dff:fecf:b4 prefixlen 64 scopeid 0x20<link>
ether 00:15:5d:cf:00:b4 txqueuelen 1000 (Ethernet)
RX packets 4389 bytes 299784 (299.7 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4343 bytes 315643 (315.6 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Now you can ping from CMD in Windows to this IP.
NOTE: the connection will depend on the port of your container, example: 172.27.123.123:8080.
For some strange reason, I am not able to ping www.google.com when connected to one wifi.
If I disconnect from that wifi and connect to another wifi, I am able to ping www.google.com. This has happened on 2 different wifi.
While on those wifi networks, I am able to browse the web and ssh into AWS ec2.
------ On good wifi, my t-mobile hotspot ----
Joshuas-MBP:react-tutorial joshuacalloway$ docker run alpine ping www.google.com
PING www.google.com (216.58.216.68): 56 data bytes
64 bytes from 216.58.216.68: seq=0 ttl=61 time=34.701 ms
----- On 2 different wifi networks, iphone 6 t-mobile hotspot and a company guest wifi network ----
--- www.google.com ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 29.912/52.059/91.565 ms
Joshuas-MBP:react-tutorial joshuacalloway$ docker run alpine ping www.google.com
ping: bad address 'www.google.com'
docker -v
Docker version 1.10.3, build 20f81dd
On mac os X 10.11.3
Are you able to ping the IP while switching between WiFi? If you can ping the IP, then I would try one of two solutions:
Edit the /etc/resolv.conf from the host in order to use external DNS (e.g., 8.8.8.8, 8.8.4.4)
Run docker with -dns option, e.g.,
docker run -dns 8.8.8.8 -dns 8.8.4.4 base ping google.com
Or reboot the default virtualbox container:
docker-machine restart default