Description
Problem description
I've had a bad experience with using Docker and my own standard iptables scripts. Since I'm anal about security, I immediately put in my own firewall scripts when I started playing with Docker. During the course of learning it, I repeatedly had problems getting things to work, and only after a lot of head-scratching and frustration did I just buckle and trust Docker's iptables setup. This still left me wanting more control, though.
Problem location
I would like to see this highlighted in the docker network section here as a note:
https://docs.docker.com/engine/userguide/networking/get-started-overlay/
I think this will be the place where everybody suspecting some network problem will end up.
Project version(s) affected
n/a
Suggestions for a fix
Proposed text (but I'm not a native speaker):
Docker manipulates iptables to manage a lot of the traffic flow, both between containers and the outside world. Issues are known where Docker 'fights' with other firewalls, resulting in error states which are hard to troubleshoot. Especially if you are experimenting with Docker, we recommend that you rely on Docker's iptables rules, and don't install your own firewall.