이 페이지의 이전 버전을 보고 있습니다. 현재 버전 보기.

현재와 비교 페이지 이력 보기

버전 1 다음 »


Test

Docker Host (134.75.zzz.250)

# docker run -d --rm --name web-test -p 80:8000 crccheck/hello-world
# tcpdump -i any -nn 'port 8000 or port 80'

Web Client (210.107.xx.yy)

# curl http://134.75.zzz.250

iptables enabled

Source IP is preserved.

# tcpdump -i any -nn 'port 8000 or port 80'
16:34:08.561232 eth0         In   IP 210.107.xx.yy.64516 > 134.75.zzz.250.80   : Flags [S], seq 2608725075, win 65535, ... , length 0
16:34:08.561259 docker0      Out  IP 210.107.xx.yy.64516 > 172.17.0.2.8000     : Flags [S], seq 2608725075, win 65535, ... , length 0
16:34:08.561265 veth0c3a1d7  Out  IP 210.107.xx.yy.64516 > 172.17.0.2.8000     : Flags [S], seq 2608725075, win 65535, ... , length 0
16:34:08.561286 veth0c3a1d7  P    IP 172.17.0.2.8000     > 210.107.xx.yy.64516 : Flags [S.], seq 497713069, ack 2608725076, win 65160, ... , length 0
16:34:08.561288 docker0      In   IP 172.17.0.2.8000     > 210.107.xx.yy.64516 : Flags [S.], seq 497713069, ack 2608725076, win 65160, ... , length 0
16:34:08.561294 eth0         Out  IP 134.75.zzz.250.80   > 210.107.xx.yy.64516 : Flags [S.], seq 497713069, ack 2608725076, win 65160, ... , length 0
16:34:08.562295 eth0         In   IP 210.107.xx.yy.64516 > 134.75.zzz.250.80   : Flags [.], ack 1, win 2051, ... , length 0
16:34:08.562303 docker0      Out  IP 210.107.xx.yy.64516 > 172.17.0.2.8000     : Flags [.], ack 1, win 2051, ... , length 0
16:34:08.562305 veth0c3a1d7  Out  IP 210.107.xx.yy.64516 > 172.17.0.2.8000     : Flags [.], ack 1, win 2051, ... , length 0
16:34:08.562384 eth0         In   IP 210.107.xx.yy.64516 > 134.75.zzz.250.80   : Flags [P.], seq 1:78, ack 1, win 2051, ... / HTTP/1.1
16:34:08.562387 docker0      Out  IP 210.107.xx.yy.64516 > 172.17.0.2.8000     : Flags [P.], seq 1:78, ack 1, win 2051, ...  length 77
16:34:08.562388 veth0c3a1d7  Out  IP 210.107.xx.yy.64516 > 172.17.0.2.8000     : Flags [P.], seq 1:78, ack 1, win 2051, ...  length 77
16:34:08.562442 veth0c3a1d7  P    IP 172.17.0.2.8000     > 210.107.xx.yy.64516 : Flags [.], ack 78, win 509, ... , length 0
16:34:08.562456 docker0      In   IP 172.17.0.2.8000     > 210.107.xx.yy.64516 : Flags [.], ack 78, win 509, ... , length 0
16:34:08.562492 eth0         Out  IP 134.75.zzz.250.80   > 210.107.xx.yy.64516 : Flags [.], ack 78, win 509, ... , length 0
16:34:08.562971 veth0c3a1d7  P    IP 172.17.0.2.8000     > 210.107.xx.yy.64516 : Flags [P.], seq 1:212, ack 78, win 509, ... length 211
16:34:08.562973 docker0      In   IP 172.17.0.2.8000     > 210.107.xx.yy.64516 : Flags [P.], seq 1:212, ack 78, win 509, ... length 211
16:34:08.562980 eth0         Out  IP 134.75.zzz.250.80   > 210.107.xx.yy.64516 : Flags [P.], seq 1:212, ack 78, win 509, ... 1.1 200 OK
16:34:08.563001 veth0c3a1d7  P    IP 172.17.0.2.8000     > 210.107.xx.yy.64516 : Flags [F.], seq 212:651, ack 78, win 509, ... length 439
16:34:08.563002 docker0      In   IP 172.17.0.2.8000     > 210.107.xx.yy.64516 : Flags [F.], seq 212:651, ack 78, win 509, ... length 439
16:34:08.563006 eth0         Out  IP 134.75.zzz.250.80   > 210.107.xx.yy.64516 : Flags [F.], seq 212:651, ack 78, win 509, ...  439: HTTP
16:34:08.567560 eth0         In   IP 210.107.xx.yy.64516 > 134.75.zzz.250.80   : Flags [.], ack 212, win 2048, ... , length 0
16:34:08.567569 docker0      Out  IP 210.107.xx.yy.64516 > 172.17.0.2.8000     : Flags [.], ack 212, win 2048, ... , length 0
16:34:08.567570 veth0c3a1d7  Out  IP 210.107.xx.yy.64516 > 172.17.0.2.8000     : Flags [.], ack 212, win 2048, ... , length 0
16:34:08.567577 eth0         In   IP 210.107.xx.yy.64516 > 134.75.zzz.250.80   : Flags [.], ack 652, win 2041, ... , length 0
16:34:08.567579 docker0      Out  IP 210.107.xx.yy.64516 > 172.17.0.2.8000     : Flags [.], ack 652, win 2041, ... , length 0
16:34:08.567580 veth0c3a1d7  Out  IP 210.107.xx.yy.64516 > 172.17.0.2.8000     : Flags [.], ack 652, win 2041, ... , length 0
16:34:08.567909 eth0         In   IP 210.107.xx.yy.64516 > 134.75.zzz.250.80   : Flags [F.], seq 78, ack 652, win 2048, ... , length 0
16:34:08.567911 docker0      Out  IP 210.107.xx.yy.64516 > 172.17.0.2.8000     : Flags [F.], seq 78, ack 652, win 2048, ... , length 0
16:34:08.567912 veth0c3a1d7  Out  IP 210.107.xx.yy.64516 > 172.17.0.2.8000     : Flags [F.], seq 78, ack 652, win 2048, ... , length 0
16:34:08.567918 veth0c3a1d7  P    IP 172.17.0.2.8000     > 210.107.xx.yy.64516 : Flags [.], ack 79, win 509, ... , length 0
16:34:08.567918 docker0      In   IP 172.17.0.2.8000     > 210.107.xx.yy.64516 : Flags [.], ack 79, win 509, ... , length 0
16:34:08.567924 eth0         Out  IP 134.75.zzz.250.80   > 210.107.xx.yy.64516 : Flags [.], ack 79, win 509, ... , length 0
^C
33 packets captured
35 packets received by filter
0 packets dropped by kernel

iptables disabled

/etc/docker/daemon.json
{ "iptables": false }



  • 레이블 없음