Docker Networking

Docker networking controls how containers communicate with each other and with the outside world. Understanding Docker's network model is critical for multi-container applications: which containers can talk to which, how to expose services to the host, and how containers on the same machine resolve each other's names. The most important concept: containers on the same user-defined bridge network can reach each other by container name, while containers on the default bridge cannot.

Network drivers

Driver	Use case	Container-to-container
bridge (default)	Single host, multiple containers	Via IP only (no DNS)
user-defined bridge	Application containers on same host	By container name (DNS)
host	Maximum network performance	Shares host network namespace
none	No networking needed	Isolated
overlay	Multi-host (Docker Swarm)	By service name across hosts

Custom bridge networks

# Create a custom network:
docker network create myapp-network

# Run containers on this network:
docker run -d --name db --network myapp-network mysql:8.0
docker run -d --name web --network myapp-network nginx:alpine

# Containers can now reach each other by name:
# From the web container: ping db  (resolves to db container's IP)
docker exec web ping db

# List networks:
docker network ls

# Inspect network (shows connected containers and their IPs):
docker network inspect myapp-network

docker network inspect output (simplified)

"Containers": {
    "abc123": {
        "Name": "db",
        "IPv4Address": "172.18.0.2/16"
    },
    "def456": {
        "Name": "web",
        "IPv4Address": "172.18.0.3/16"
    }
}

Host and none networks

# Host network: container uses host's network stack directly
# Container is as if running natively on the host (no NAT overhead)
docker run -d --network host nginx

# Verify: nginx directly binds to port 80 on the host
ss -tlnp | grep :80

# None network: no network access at all
docker run --network none ubuntu:22.04 ping 8.8.8.8
# PING 8.8.8.8: Network is unreachable

Container DNS and service discovery

# DNS resolution within a user-defined bridge network:
# Container name 'db' resolves to its IP automatically
docker run --rm --network myapp-network alpine nslookup db

nslookup output inside container

Name:      db
Address 1: 172.18.0.2 db.myapp-network

# Connect a running container to an additional network:
docker network connect myapp-network existing-container

# Disconnect from a network:
docker network disconnect myapp-network existing-container

# Remove unused networks:
docker network prune

Conclusion

Always create custom bridge networks for multi-container applications instead of using the default bridge. Custom networks provide automatic DNS resolution by container name and better isolation. The common mistake is putting containers on the default bridge and then wondering why they cannot reach each other by name — on the default bridge only IP addresses work, not names. In Docker Compose, a custom network is created automatically for each project.

FAQ

Is Docker Networking important for Ubuntu administrators?+

Yes. It supports practical Ubuntu administration because it connects directly to server reliability, security, troubleshooting, or daily operations.

Should I practice this on a live server?+

Use a lab VM first. After you understand the command output and rollback path, apply the workflow carefully on real systems.

What should I do after reading this article?+

Run the practice commands, write down what each one shows, and continue to the next article in the Ubuntu roadmap.

Need help with Ubuntu administration?

Work directly with Muhammad Irfan Aslam for Ubuntu Server, Linux, cloud, Docker, DevOps, CI/CD, or infrastructure troubleshooting support.

Hire Me for Support