从容器无法访问内部系统:
root@c65251d975e4:/# ping -c 1 10.97.179.110
PING 10.97.179.110 (10.97.179.110) 56(84) bytes of data.
--- 10.97.179.110 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms
其他互联网主机可以 ping 通:
root@c65251d975e4:/# ping -c 1 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=57 time=14.2 ms
--- 8.8.8.8 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 14.273/14.273/14.273/0.000 ms
路由表没有什么特别的:
root@c65251d975e4:/# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.17.0.1 0.0.0.0 UG 0 0 0 eth0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
从docker主机来看,没有任何问题:
» ping -c 1 10.97.179.110
PING 10.97.179.110 (10.97.179.110) 56(84) bytes of data.
64 bytes from 10.97.179.110: icmp_seq=1 ttl=60 time=6.87 ms
--- 10.97.179.110 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 6.872/6.872/6.872/0.000 ms
可能是什么问题?
编辑
如果我使用主机网络启动容器,它就可以工作:
$ docker run --rm -it --network host xenial-networking bash
root@polyphemus:/# ping -c 1 10.97.179.110 │172.20.0.0 0.0.0.0 255.254.0.0 U 0 0 0 tunsnx
PING 10.97.179.110 (10.97.179.110) 56(84) bytes of data. │172.21.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-1ad6626c6f69
64 bytes from 10.97.179.110: icmp_seq=1 ttl=60 time=8.45 ms │172.22.0.0 0.0.0.0 255.255.128.0 U 0 0 0 tunsnx
│172.22.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-eb037ec5c424
--- 10.97.179.110 ping statistics --- │172.22.128.0 0.0.0.0 255.255.192.0 U 0 0 0 tunsnx
1 packets transmitted, 1 received, 0% packet loss, time 0ms │172.22.192.0 0.0.0.0 255.255.240.0 U 0 0 0 tunsnx
rtt min/avg/max/mdev = 8.457/8.457/8.457/0.000 ms
如何使网络在正常网络模式(桥接模式)下工作