Bridge Network
The
bridge network is the default network that all containers connect to if you don’t specify otherwise. Understanding how it works helps you design secure multi‑container setups.What Is the Default Bridge?
When Docker starts, it creates a Linux bridge named
docker0 on the host. Containers attached to the default bridge get an IP in a private range (e.g., 172.17.0.0/16) and can reach the outside world through NAT (Network Address Translation).Limitations of the Default Bridge
- Containers cannot reach each other by name – only by IP.
- You must publish ports (
-p) to expose containers to the host. - It is less secure than user‑defined bridges because all containers on the default bridge can communicate with each other without restriction.
Using the Default Bridge
Run two containers on the default bridge:
docker run -d --name c1 nginx
docker run -it --name c2 alpine shc2, you can find c1 by its IP (use docker inspect c1 to get the IP), but you cannot ping c1.User‑Defined Bridge Networks
For most use cases, you should create your own bridge network. It provides automatic DNS resolution and better isolation. Create one:
docker network create my-bridgedocker run -d --name c1 --network my-bridge nginx
docker run -it --name c2 --network my-bridge alpine shc2, you can ping c1 – the container name resolves to its IP.Customizing Bridge Networks
When creating a bridge, you can specify subnet, gateway, and IP ranges:
docker network create --driver bridge --subnet 192.168.10.0/24 --gateway 192.168.10.1 my-bridge-customTwo Minute Drill
- The default bridge is created automatically; containers on it can only talk by IP, not name.
- Create a user‑defined bridge for name resolution and better isolation.
- Use
docker network createwith optional subnet/gateway to customize. - Attach containers with
--networkflag when running.
Need more clarification?
Drop us an email at career@quipoinfotech.com