0
0
Dockerdevops~5 mins

Bridge network default behavior in Docker - Commands & Configuration

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Introduction
Docker uses a bridge network by default to allow containers on the same host to communicate with each other. This network acts like a virtual switch connecting containers, isolating them from the outside unless explicitly exposed.
When you want multiple containers on the same machine to talk to each other easily without extra setup.
When you run a simple web app and a database container on the same host and want them connected.
When you need container isolation from the host network but still want internal communication.
When you want to test container networking locally without configuring custom networks.
When you want to expose only specific ports to the outside while keeping other container traffic private.
Commands
This command lists all Docker networks on your system, including the default bridge network.
Terminal
docker network ls
Expected OutputExpected
NETWORK ID NAME DRIVER SCOPE b3d3f6e8c1a2 bridge bridge local f7c8e9d7a123 host host local 9a8b7c6d5e4f none null local
This command runs an Nginx container detached, connected to the default bridge network automatically.
Terminal
docker run -d --name my-nginx nginx
Expected OutputExpected
a1b2c3d4e5f678901234567890abcdef1234567890abcdef1234567890abcdef
-d - Run container in detached mode (in background)
--name - Assign a name to the container for easier reference
This command shows detailed information about the default bridge network, including connected containers and IP ranges.
Terminal
docker network inspect bridge
Expected OutputExpected
[ { "Name": "bridge", "Id": "b3d3f6e8c1a2", "Created": "2024-06-01T12:00:00.000000000Z", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": { "Driver": "default", "Config": [ { "Subnet": "172.17.0.0/16", "Gateway": "172.17.0.1" } ] }, "Containers": { "a1b2c3d4e5f678901234567890abcdef1234567890abcdef1234567890abcdef": { "Name": "my-nginx", "EndpointID": "e1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcd", "MacAddress": "02:42:ac:11:00:02", "IPv4Address": "172.17.0.2/16", "IPv6Address": "" } }, "Options": {}, "Labels": {} } ]
This command tests connectivity from the container to the bridge network gateway, showing the default network allows communication.
Terminal
docker exec my-nginx ping -c 2 172.17.0.1
Expected OutputExpected
PING 172.17.0.1 (172.17.0.1) 56(84) bytes of data. 64 bytes from 172.17.0.1: icmp_seq=1 ttl=64 time=0.123 ms 64 bytes from 172.17.0.1: icmp_seq=2 ttl=64 time=0.110 ms --- 172.17.0.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 0.110/0.116/0.123/0.007 ms
-c 2 - Send 2 ping packets then stop
Key Concept

If you remember nothing else from this pattern, remember: Docker's default bridge network connects containers on the same host with isolated internal IPs and allows controlled external access.

Common Mistakes
Trying to access a container's exposed port from the host without publishing the port.
By default, containers on the bridge network are isolated from the host network and ports are not accessible externally unless published.
Use the -p flag with docker run to publish container ports to the host, e.g., docker run -d -p 8080:80 nginx.
Assuming containers on different hosts can communicate over the default bridge network.
The default bridge network is local to a single Docker host and does not span multiple machines.
Use overlay networks or other multi-host networking solutions for cross-host container communication.
Summary
The default bridge network connects containers on the same Docker host with isolated IP addresses.
Containers on this network can communicate internally but need port publishing to be accessed from outside.
Inspecting the bridge network shows connected containers and IP details for troubleshooting.