Docker "NO ROUTE TO HOST" Error While connecting from one container to other

Docker "NO ROUTE TO HOST" Error While connecting from one container to other

Error:

root@32df7a448e1e:/# curl http://172.17.0.4:32781
curl: (7) Failed to connect to 172.17.0.4 port 32781: Connection refused
root@32df7a448e1e:/# exit

I have a container A and a container B ( on the same host ) and they can not communicate to each other via host-ip:<port>. It Fails with following Error "NO ROUTE TO HOST"

Action Taken:

1. From  container B, “telnet host-ip <port>” , prints “NO ROUTE TO HOST”;
2. From my Host/Laptop, “telnet host-ip <port>” show success.

Solution:

This is a “known” bug. Everyone can access in this port, except for container in the same host. You have to allow it with firewall. Let's How to do that.

Add a Rich rule to allow docker specific Network to communicate. I've added two subnets, you can add more.

root:/manasmonitoring/jenkins_docker_pipeline$ firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="172.17.0.0/16" accept'
success
root:/manasmonitoring/jenkins_docker_pipeline$ firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="172.18.0.0/16" accept'
success
root:/manasmonitoring/jenkins_docker_pipeline$
root:/manasmonitoring/jenkins_docker_pipeline$

Reload the Firewalld

root:/manasmonitoring/jenkins_docker_pipeline$ firewall-cmd --reload
success
root:/manasmonitoring/jenkins_docker_pipeline$

Check the Rules are applied or not:

root:/manasmonitoring/jenkins_docker_pipeline$ firewall-cmd --zone=public --list-all
public
  target: default
  icmp-block-inversion: no
  interfaces:
  sources:
  services: dhcpv6-client http jenkins ssh
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
        rule family="ipv4" source address="172.17.0.0/16" accept
        rule family="ipv4" source address="172.18.0.0/16" accept
root:/manasmonitoring/jenkins_docker_pipeline$