HxHippy

Bridge Networks

Configure bridge networks for container communication.

Last updated: 2025-01-15

Bridge Networks

The default network driver for container-to-container communication.

Default Bridge vs User-Defined

Feature Default Bridge User-Defined
DNS resolution No Yes (by name)
Isolation All containers Network members
Connect/disconnect Restart required Runtime
Link containers Legacy --link Automatic

Creating Bridge Networks

# Create network
docker network create my-app-network

# With subnet specification
docker network create \
  --driver bridge \
  --subnet 172.28.0.0/16 \
  --ip-range 172.28.5.0/24 \
  --gateway 172.28.0.1 \
  my-custom-network

# With options
docker network create \
  --driver bridge \
  --opt com.docker.network.bridge.name=br-myapp \
  --opt com.docker.network.bridge.enable_icc=true \
  --opt com.docker.network.bridge.enable_ip_masquerade=true \
  my-network

Connecting Containers

# Run container on network
docker run -d --network my-app-network --name web nginx
docker run -d --network my-app-network --name api myapi

# Connect existing container
docker network connect my-app-network existing-container

# Disconnect from network
docker network disconnect my-app-network container

# Container with multiple networks
docker run -d \
  --network frontend \
  --name api \
  myapi
docker network connect backend api

DNS and Service Discovery

# Containers can resolve each other by name
docker run -it --network my-app-network alpine
> ping web        # Resolves to web container's IP
> ping api        # Resolves to api container's IP

Network Aliases

# Container with multiple names
docker run -d \
  --network my-app-network \
  --network-alias db \
  --network-alias database \
  --network-alias postgres \
  --name postgres-container \
  postgres

# All aliases resolve to same container
docker run --network my-app-network alpine ping db

Internal Networks

# Create internal network (no external access)
docker network create --internal backend-internal

# Containers can't reach internet
docker run --network backend-internal alpine ping google.com
# ping: bad address 'google.com'

Network Inspection

# View network details
docker network inspect my-app-network

# Output includes:
# - Subnet/Gateway configuration
# - Connected containers
# - IP addresses
# - Driver options

Complete Example

# Create networks
docker network create frontend
docker network create --internal backend

# Database (internal only)
docker run -d \
  --network backend \
  --name db \
  -e POSTGRES_PASSWORD=secret \
  postgres

# API (both networks)
docker run -d \
  --network backend \
  --name api \
  -e DATABASE_URL=postgres://postgres:secret@db:5432/postgres \
  myapi
docker network connect frontend api

# Nginx (frontend only)
docker run -d \
  --network frontend \
  --name nginx \
  -p 80:80 \
  nginx

Cleanup

# Remove network (must disconnect containers first)
docker network rm my-app-network

# Remove all unused networks
docker network prune

# Force remove with connected containers
docker network rm -f my-network
intermediate Networking Updated 2025-01-15
  • docker
  • bridge
  • networking
  • isolation
  • communication