libnetwork icon indicating copy to clipboard operation
libnetwork copied to clipboard

Published 20 hours ago verified publisher icon moby

Recieve UDP multicast inside a docker container without "--net host" option

Open druanoor opened this issue 5 years ago • 5 comments

Is there any way to achieve this? I can't use "--net host" since i need more containers to run in the same host and map ports with the host.

druanoor avatar Jun 23 '19 11:06 druanoor

I'm faced with the same issue. Is there a way to receive multicast traffic which was sent to the host inside a docker container?

cornim avatar Mar 06 '21 09:03 cornim

Multicast to/from a docker bridge network is currently not possible. This is due to limitations with how linux kernels provide support for multicast routing. Packets are forwarded to the docker bridge using iptables and the unicast routing table, but multicast packets are handled differently in linux kernels. A workaround is to run a tool like smcrouted on the host (or in a container with access to the host network). This process does the work of managing the linux multicast forwarding cache.

Side note: If running docker swarm, and all your multicast communication is happening between nodes you can control, you could use weave net, which apparently has support for multicast.

It would be nice if we could see some multicast support added here... but ultimately it feels like more of a kernel issue.

jackhart avatar Oct 05 '21 23:10 jackhart

There is a working solution using virtual ethernet veth or real physical device with macvlan or ipvlan drivers https://github.com/moby/libnetwork/issues/552#issuecomment-1227821940 The veth can be used for internal multicast side-by-side communication between containers. To work with multicast from outside world (machine) use real physical device in the --opt parent=<device> option for the docker network create command. It works in local scope (standalone, compose) or swarm scope (cluster, stack).

tymonx avatar Aug 25 '22 22:08 tymonx

...To work with multicast from outside world (machine) use real physical device in the --opt parent=<device> option for the docker network create command. It works in local scope (standalone, compose) or swarm scope (cluster, stack).

Would you please elaborate on this a bit? I'm not sure how to subset the container<->container multicast setup to work with a {host-or-outside-world}<->container setup. Thanks v. much. @tymonx

TW4177 avatar Jul 29 '23 00:07 TW4177