Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Find out which network interface belongs to docker container

Docker creates these virtual ethernet interfaces veth[UNIQUE ID] listed in ifconfig. How can I find out which interface belongs to a specific docker container?

I want to listen to the tcp traffic.

like image 417
Mahoni Avatar asked Jun 16 '16 13:06

Mahoni


People also ask

What network interface is Docker?

Macvlan Networks The macvlan driver is used to connect Docker containers directly to the host network interfaces through layer 2 segmentation.

Which network is default network in Docker?

The Bridge Driver This is the default. Whenever you start Docker, a bridge network gets created and all newly started containers will connect automatically to the default bridge network. You can use this whenever you want your containers running in isolation to connect and communicate with each other.


2 Answers

To locate interface
In my case getting value from container was like (check eth0 to):

$ docker exec -it my-container cat /sys/class/net/eth1/iflink 123 

And then:

$ ip ad | grep 123 123: vethd3234u4@if122: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker_gwbridge state UP group default 

Check with tcpdump -i vethd3234u4


Reference about mysterious iflink from http://lxr.free-electrons.com/source/Documentation/ABI/testing/sysfs-class-net:

150 What:           /sys/class/net/<iface>/iflink 151 Date:           April 2005 152 KernelVersion:  2.6.12 153 Contact:        [email protected] 154 Description: 155                 Indicates the system-wide interface unique index identifier a 156                 the interface is linked to. Format is decimal. This attribute is 157                 used to resolve interfaces chaining, linking and stacking. 158                 Physical interfaces have the same 'ifindex' and 'iflink' values. 
like image 159
pbaranski Avatar answered Sep 22 '22 04:09

pbaranski


Based on the provided answer (which worked for me), I made this simple bash script:

#!/bin/bash  export containers=$(sudo docker ps --format "{{.ID}}|{{.Names}}") export interfaces=$(sudo ip ad); for x in $containers         do                 export name=$(echo "$x" |cut -d '|' -f 2);                 export id=$(echo "$x"|cut -d '|' -f 1)                 export ifaceNum="$(echo $(sudo docker exec -it "$id" cat /sys/class/net/eth0/iflink) | sed s/[^0-9]*//g):"                 export ifaceStr=$( echo "$interfaces" | grep $ifaceNum | cut -d ':' -f 2 | cut -d '@' -f 1);                 echo -e "$name: $ifaceStr"; done 
like image 30
ln -s Avatar answered Sep 23 '22 04:09

ln -s