name	docker-networking
description	Configure Docker networking for containers including bridge, overlay, and service discovery
sasmp_version	1.3.0
bonded_agent	03-docker-networking
bond_type	PRIMARY_BOND

Docker Networking Skill

Master Docker networking concepts and configuration for container communication, service discovery, and network isolation.

Purpose

Configure and troubleshoot Docker networks for development and production environments with proper isolation and service discovery.

Parameters

Parameter	Type	Required	Default	Description
driver	enum	No	bridge	bridge/overlay/host/macvlan
subnet	string	No	-	Custom subnet CIDR
internal	boolean	No	false	Internal-only network

Network Drivers

Driver	Use Case	Multi-Host	Encryption
bridge	Single host, default	No	No
overlay	Swarm, multi-host	Yes	Optional
host	Max performance	No	N/A
macvlan	Physical network	No	No
none	Disable networking	No	N/A

Configuration Examples

Custom Bridge Network

# Create network with custom subnet
docker network create \
  --driver bridge \
  --subnet 172.28.0.0/16 \
  --gateway 172.28.0.1 \
  my_network

# Run container on network
docker run -d --name app \
  --network my_network \
  nginx:alpine

Docker Compose Networking

services:
  frontend:
    image: nginx:alpine
    networks:
      - public
    ports:
      - "80:80"

  backend:
    image: node:20-alpine
    networks:
      - public
      - private
    expose:
      - "3000"

  database:
    image: postgres:16-alpine
    networks:
      - private  # Internal only

networks:
  public:
    driver: bridge
  private:
    driver: bridge
    internal: true  # No external access

Service Discovery

# Containers can reach each other by service name
services:
  app:
    image: myapp
    environment:
      # Use service name as hostname
      DATABASE_HOST: database
      CACHE_HOST: redis

  database:
    image: postgres:16-alpine

  redis:
    image: redis:alpine

Overlay Network (Swarm)

# Create encrypted overlay
docker network create \
  --driver overlay \
  --attachable \
  --opt encrypted \
  my_overlay

Port Mapping

# Map host:container
docker run -p 8080:80 nginx

# Bind to specific interface
docker run -p 127.0.0.1:8080:80 nginx

# Random host port
docker run -P nginx

# UDP port
docker run -p 53:53/udp dnsserver

Error Handling

Common Errors

Error	Cause	Solution
`network not found`	Typo or deleted	Create network
`address in use`	Port conflict	Change port
`cannot reach`	Wrong network	Check network membership
`DNS failed`	Service not ready	Add health checks

Fallback Strategy

Verify network exists: docker network ls
Check container membership: docker network inspect <net>
Test DNS: docker exec app nslookup backend

Troubleshooting

Debug Checklist

Network created? docker network ls
Container connected? docker inspect <container>
DNS resolving? nslookup from container
Port mapped? docker port <container>

Diagnostic Commands

# List networks
docker network ls

# Inspect network
docker network inspect my_network

# Test connectivity
docker exec app ping -c 3 database

# Check DNS
docker exec app nslookup backend

# View port mappings
docker port container_name

Network Debugging

# Enter container network namespace
docker exec -it app sh

# Check DNS resolution
cat /etc/resolv.conf
nslookup database

# Check connectivity
ping -c 3 backend
curl http://backend:3000/health

Usage

Skill("docker-networking")

Related Skills

docker-compose-setup
docker-swarm

docker-networking

Install Skill

SKILL.md