Skip to content

Management of Docker Containers Network


By default, Docker creates a bridge network for each container. While this can work for simple applications, it can quickly become unmanageable for complex applications. To manage Docker container networks effectively, it’s best to create custom networks. Custom networks allow you to isolate your containers and control their communication. You can also define the IP address range and subnet for your custom networks.

we have multiple implementations of container network model (CNM) for both local and global scope, eg. Bridge, Macvlan, Overlay, Virtual Extensible LAN (VXLan) or other Network Plugin. Here collect some common commands to manage docker network.


docker network ls
docker network inspect bridge
        "Name": "bridge",
        "Id": "3c95bc2a2477f0b36d9bd9f932a3809876d68423546c8f393b48e75ccfbfc236",
        "Created": "2021-09-24T16:16:58.135121591Z",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                    "Subnet": "",
                    "Gateway": ""
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        "ConfigOnly": false,
        "Containers": {},
        "Options": {
            "": "true",
            "": "true",
            "": "true",
            "": "",
            "": "docker0",
            "": "1500"
        "Labels": {}

tangle docker bridge network

## create
docker network create --driver bridge sample-net
docker network inspect sample-net | grep Subnet

docker network create --driver bridge --subnet "" test-net
docker network ls
3c95bc2a2477   bridge       bridge    local
7169b9c2108d   host         host      local
b550e8d7e9df   none         null      local
d68a81e0b468   sample-net   bridge    local
12732e64089b   test-net     bridge    local

create c1, c2 and put them into bridge network

docker container run --name c1 -it --rm alpine:latest /bin/sh
    # ip addr show eth0
    # ip route
docker container inspect c1

docker container run --name c2 -d alpine:latest ping
docker container inspect --format "{{.NetworkSettings.IPAddress}}" c2

docker network inspect bridge
## could see c1 c2 in bridge

create c3, c4 and put them into test-net

docker container run --name c3 -d --network test-net \
    alpine:latest ping
docker container run --name c4 -d --network test-net \
    alpine:latest ping

docker network inspect test-net
## could see c3 c4 in test-net

docker container exec -it c3 /bin/sh
    ### could ping c4
    # ping c4
    ### but cannot ping c2, neither ip nor hostname
    # ping c2
    # ping

create c5 attached test-net and smaple-net

docker container run --name c5 -d \
    --network sample-net \
    --network test-net \
    alpine:latest ping

clean up

docker container rm -f $(docker container ls -aq)
docker network rm sample-net
docker network rm test-net

## or
docker network prune --force


docker container run --rm -it --network host alpine:latest /bin/sh
    ### could see host ip in container
    # ip addr show eth0

run container in existing network

docker network create --driver bridge test-net
docker container run --name web -d \
    --network test-net nginx:alpine

## create a new container and put in the same network as web
docker container run -it --rm --network container:web \
    alpine:latest /bin/sh
    # curl localhost

## clean up
docker container rm --force web
docker network rm test-net

manage ports

## -P means let Docker decide which host port shall be mapped to
docker container run --name web -P -d nginx:alpine
docker container port web
docker container inspect web | grep HostPort

## user define port mapping
docker container run --name web2 -p 8910:80 -d nginx:alpine
Leave a message

  • Welcome to visit the knowledge base of SRE and DevOps!
  • License under CC BY-NC 4.0
  • Made with Material for MkDocs and improve writing by generative AI tools
  • Copyright issue feedback, replace # with @