Fading Coder

Container Communication Using Linux Bridge

Connecting Docker Containers to a Custom Linux Bridge

To connect a Docker container to a manually created Linux network bridge via a veth pair, follow these steps:

Step 1: Create the network bridge

# Create bridge using iproute2
sudo ip link add name custom-br type bridge
# Alternative using bridge-utils (run instead of the command above, not in addition to it):
# sudo brctl addbr custom-br

# Bring the bridge interface up
sudo ip link set custom-br up

# Verify and list all existing Linux bridges
sudo brctl show

Step 2: Create a veth pair

sudo ip link add host-veth type veth peer name container-veth

Step 3: Attach one end of the veth pair to the bridge

sudo ip link set host-veth master custom-br
sudo ip link set host-veth up

Step 4: Move the other end to the container's network namespace

First, get the PID of your target container to access its network namespace:

CONTAINER_PID=$(docker inspect -f '{{.State.Pid}}' <container_name_or_id>)

Move the veth to the container's namespace and bring it up:

sudo ip link set container-veth netns $CONTAINER_PID
sudo nsenter -t $CONTAINER_PID -n ip link set container-veth up

Step 5: Assign IP address to container-side veth (Optional)

If your bridge does not run a DHCP service, manually assign an IP:

sudo nsenter -t $CONTAINER_PID -n ip addr add <ip_address>/<subnet_mask> dev container-veth

Step 6: Update container routing (Optional)

Add a default route through the bridge to enable external connectivity:

sudo nsenter -t $CONTAINER_PID -n ip route add default via <bridge_gateway_ip>

Complete Working Example

1. Prepare a tooling-enabled container image

First, create a container image that includes basic networking utilities such as ping, ip addr, and ifconfig. You can build it by:

  1. Starting a container from a base Debian image
  2. Installing tools with apt install net-tools iproute2 iputils-ping
  3. Committing the running container to a new custom image

2. Start a container with no default network

# Start a detached container with none network mode for manual configuration
docker run -itd --name debian-test --net=none custom-debian-net bash

When you check network interfaces inside the container, you will only see the loopback interface:

root@6a8952c68c52:/# ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0  overruns 0  carrier 0  collisions 0

3. Create the custom bridge

# Create the bridge interface
sudo ip link add name demo-br type bridge
# Alternative: sudo brctl addbr demo-br

# Bring the bridge up
sudo ip link set demo-br up

# Verify creation
sudo brctl show
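
Steps 1 to 6 applied to this container and bridge, as an added example that is not part of the original article: it validates the container PID and the interface names, prints the command plan, and executes it only when APPLY=1 is set. The veth names, the 10.10.0.0/24 addresses and the script name are assumptions, and 10.10.0.1 is assumed to be already configured as the gateway on the bridge side.

```bash
#!/usr/bin/env bash
# Added example (not from the original article). Interface names, addresses and
# the script name are assumptions. Prints the plan; APPLY=1 executes it via sudo.

# Conservative name check: the kernel limits interface names to 15 characters.
valid_ifname() {
  case "$1" in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
  [ "${#1}" -le 15 ]
}

# docker inspect reports .State.Pid as 0 when the container is not running.
valid_pid() {
  case "$1" in ''|0|*[!0-9]*) return 1 ;; esac
}

# usage: plan_attach PID BRIDGE HOST_IF CONT_IF CIDR GATEWAY
plan_attach() {
  local pid=$1 br=$2 hif=$3 cif=$4 cidr=$5 gw=$6 n
  valid_pid "$pid" || { echo "container not running (PID '$pid')" >&2; return 2; }
  for n in "$br" "$hif" "$cif"; do
    valid_ifname "$n" || { echo "bad interface name: $n" >&2; return 3; }
  done
  # Only address characters may reach the unquoted expansion in the runner below.
  case "$cidr$gw" in ''|*[!0-9A-Fa-f.:/]*) echo "bad address" >&2; return 4 ;; esac
  cat <<EOF
ip link add name $br type bridge
ip link set $br up
ip link add $hif type veth peer name $cif
ip link set $hif master $br
ip link set $hif up
ip link set $cif netns $pid
nsenter -t $pid -n ip link set $cif up
nsenter -t $pid -n ip addr add $cidr dev $cif
nsenter -t $pid -n ip route add default via $gw
EOF
}

# Runs only when a container name is given: APPLY=1 ./attach-veth.sh debian-test
if [ "$#" -ge 1 ]; then
  pid=$(docker inspect -f '{{.State.Pid}}' "$1") || exit 1
  plan=$(plan_attach "$pid" demo-br veth-h0 veth-c0 10.10.0.2/24 10.10.0.1) || exit $?
  while read -r cmd; do
    # Word splitting of $cmd is intended; every field was validated above.
    if [ "${APPLY:-0}" = 1 ]; then sudo $cmd || exit 1; else echo "sudo $cmd"; fi
  done <<EOF
$plan
EOF
fi
```

Run it without APPLY first and read the printed commands; a stopped container is rejected before any interface is created on the host.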
