Cannot connect to the internet from your Docker containers?

Stuck trying to figure out what’s up with your containers, as they cannot seem to be able to access the network?

Well, that happened to a few of us at Namshi in the past couple of days.

The good news is that you can clearly verify that something is just wrong with Docker by simply pinging google.com from your host and a simple container:

1
2
3
4
5
6
7
8
$ ping google.com
PING google.com (173.194.124.7) 56(84) bytes of data.
64 bytes from 173.194.124.7: icmp_req=1 ttl=56 time=11.1 ms
64 bytes from 173.194.124.7: icmp_req=2 ttl=56 time=13.2 ms
...

$ docker run -ti ubuntu ping google.com
# BLACK HOLE

If you happen to get stuck in this kind of situation, you might want to look into what DNS server Docker is actually using to let your containers resolve onto the internet.

In our case, we realized our firewall was acting pretty weirdly with Google’s public DNSes (8.8.8.8 and 8.8.4.4), which happen to be the default ones Docker is gonna use in case you don’t have anything custom specified in your resolv.conf and so on.

The issue, overall, was quite easy to circumvent, as we just told docker to use OpenDNS in our /etc/default/docker:

1
2
3
4
# Docker Upstart and SysVinit configuration file

# Use DOCKER_OPTS to modify the daemon startup options.
DOCKER_OPTS="--dns 208.67.222.222 --dns 208.67.220.220"

Then, you will only need to restart the Docker demon and everything should be fine:

1
2
3
4
5
6
7
8
9
$ sudo service docker restart  
docker stop/waiting
docker start/running, process 26999

$ docker run ubuntu ping google.com   
PING google.com (173.194.124.2) 56(84) bytes of data.
64 bytes from 173.194.124.2: icmp_seq=1 ttl=55 time=11.4 ms
64 bytes from 173.194.124.2: icmp_seq=2 ttl=55 time=11.2 ms
...

Hope this helps! To be honest we’ve googled around and found out that there might be some other, creepier, issues that might cause the problem, so I’d really hope yours is just as silly as the one I’ve faced.


Hi there! I recently wrote an ebook on web application security, currently sold on leanpub, the Amazon Kindle store and gumroad.

It contains 160+ pages of content dedicated to securing web applications and improving your security awareness when building web apps, with chapters ranging from explaining how to secure HTTP cookies with the right flags to understanding why it is important to consider joining a bug bounty program.

Feel free to skim through some of the free chapters published on this blog and, if the content seems interesting enough to you, grab a copy on leanpub, the Amazon Kindle store, gumroad or simply checkout right down below!

Buy the Web Application Security ebook for $9.99

In the mood for some more reading?

...or check the archives.