Networking features in Docker Desktop for Windows
Estimated reading time: 4 minutes
Docker Desktop provides several networking features to make it easier to use.
Docker Desktop networking can work when attached to a VPN. To do this, Docker Desktop intercepts traffic from the containers and injects it into Windows as if it originated from the Docker application.
When you run a container with the
-p argument, for example:
$ docker run -p 80:80 -d nginx
Docker Desktop makes whatever is running on port 80 in the container (in
nginx) available on port 80 of
localhost. In this example, the
host and container ports are the same. What if you need to specify a different
host port? If, for example, you already have something running on port 80 of
your host machine, you can connect the container to a different port:
$ docker run -p 8000:80 -d nginx
Now, connections to
localhost:8000 are sent to port 80 in the container. The
HTTP/HTTPS Proxy Support
Known limitations, use cases, and workarounds
Following is a summary of current limitations on the Docker Desktop for Windows networking stack, along with some ideas for workarounds.
There is no docker0 bridge on Windows
Because of the way networking is implemented in Docker Desktop for Windows, you cannot
docker0 interface on the host. This interface is actually within the
I cannot ping my containers
Docker Desktop for Windows can’t route traffic to Linux containers. However, you can ping the Windows containers.
Per-container IP addressing is not possible
The docker (Linux) bridge network is not reachable from the Windows host. However, it works with Windows containers.
Use cases and workarounds
There are two scenarios that the above limitations affect:
I want to connect from a container to a service on the host
The host has a changing IP address (or none if you have no network access). We recommend that you connect to the special DNS name
host.docker.internal which resolves to the internal IP address used by the
host. This is for development purpose and will not work in a production environment outside of Docker Desktop for Windows.
You can also reach the gateway using
If you have installed Python on your machine, use the following instructions as an example to connect from a container to a service on the host:
Run the following command to start a simple HTTP server on port 8000.
python -m http.server 8000
If you have installed Python 2.x, run
python -m SimpleHTTPServer 8000.
Now, run a container, install
curl, and try to connect to the host using the following commands:
$ docker run --rm -it alpine sh # apk add curl # curl http://host.docker.internal:8000 # exit
I want to connect to a container from Windows
Port forwarding works for
-P all work.
Ports exposed from Linux are forwarded to the host.
Our current recommendation is to publish a port, or to connect from another container. This is what you need to do even on Linux if the container is on an overlay network, not a bridge network, as these are not routed.
For example, to run an
$ docker run -d -p 80:80 --name webserver nginx
To clarify the syntax, the following two commands both publish container’s port
80 to host’s port
$ docker run --publish 8000:80 --name webserver nginx $ docker run -p 8000:80 --name webserver nginx
To publish all ports, use the
-P flag. For example, the following command
starts a container (in detached mode) and the
-P flag publishes all exposed ports of the
container to random ports on the host.
$ docker run -d -P --name webserver nginx
See the run command for more details on
publish options used with