
Default bridge configuration allows outside world connectivity #9022

Open
@Perdjesk

Description

File: network/bridge.md

The following section: https://docs.docker.com/network/bridge/#enable-forwarding-from-docker-containers-to-the-outside-world

states

By default, traffic from containers connected to the default bridge network is not forwarded to the outside world.

which is not correct using docker-ce 18.09.07.
docker/libnetwork reference: https://github.com/docker/libnetwork/blob/5b9fe1e1628d6077d1ba7a8c9a4310d09c8702ed/drivers/bridge/setup_ip_tables.go#L176

Using default parameters, the following iptables rule is created, which allows outgoing packets:

-A FORWARD -i docker0 ! -o docker0 -j ACCEPT

Moreover, the steps documented to enable IP forwarding on the host are not mandatory when using default docker daemon parameters, since --ip-forward defaults to true, which enables host/kernel IP forwarding when not enabled.
docker/libnetwork reference: https://github.com/docker/libnetwork/blob/04a014d03dc9430da22b12307188d2acfa775337/drivers/bridge/setup_ip_forwarding.go#L31
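The two conditions described above (the FORWARD ACCEPT rule for docker0 and the kernel ip_forward toggle) can be checked on a host from iptables-save and sysctl output. The following is an added example, not code from the issue or from docker/libnetwork; the function names, the sample rule sets and the sysctl strings are constructed for illustration, and only the docker0 egress rule itself is taken from the issue text.

```shell
#!/bin/sh
# Added example (not from the issue or docker/libnetwork): decide from
# iptables-save text and sysctl output whether a host's default bridge
# setup lets container traffic leave the host.

# Constructed sample resembling the FORWARD chain a default daemon installs.
# Only the "-i docker0 ! -o docker0" rule is quoted from the issue; the
# neighbouring lines are assumed for realism.
SAMPLE_DEFAULT_RULES='*filter
:FORWARD DROP [0:0]
-A FORWARD -j DOCKER-USER
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
COMMIT'

# Constructed sample of a host where that egress rule has been removed.
SAMPLE_LOCKED_RULES='*filter
:FORWARD DROP [0:0]
-A FORWARD -j DOCKER-USER
-A FORWARD -i docker0 -o docker0 -j ACCEPT
COMMIT'

# Constructed samples of `sysctl net.ipv4.ip_forward` output.
SAMPLE_FORWARD_ON='net.ipv4.ip_forward = 1'
SAMPLE_FORWARD_OFF='net.ipv4.ip_forward = 0'

# docker0_egress_allowed RULES [BRIDGE]
# Returns 0 when RULES contains the ACCEPT rule that forwards packets arriving
# on the bridge to any other interface (the rule quoted in the issue).
docker0_egress_allowed() {
    bridge=${2:-docker0}
    printf '%s\n' "$1" |
        grep -Fxq -- "-A FORWARD -i $bridge ! -o $bridge -j ACCEPT"
}

# ip_forward_enabled SYSCTL_OUTPUT
# Returns 0 when the kernel's IPv4 forwarding toggle reads 1.
ip_forward_enabled() {
    value=$(printf '%s' "$1" | sed 's/.*=[[:space:]]*//')
    [ "$value" = "1" ]
}

# containers_can_reach_out RULES SYSCTL_OUTPUT [BRIDGE]
# Both conditions must hold for bridge traffic to be forwarded off the host.
containers_can_reach_out() {
    docker0_egress_allowed "$1" "$3" && ip_forward_enabled "$2"
}

# audit_live_host: run the same checks against the running host (needs root,
# iptables-save and sysctl). Returns 0 when containers can reach outside,
# 1 when forwarding is blocked, 2 when the tools are unavailable.
audit_live_host() {
    rules=$(iptables-save 2>/dev/null) || return 2
    fwd=$(sysctl net.ipv4.ip_forward 2>/dev/null) || return 2
    if containers_can_reach_out "$rules" "$fwd"; then
        echo "default bridge: outbound forwarding is enabled"
        return 0
    fi
    echo "default bridge: outbound forwarding is blocked"
    return 1
}
```

Run `audit_live_host` as root on a Docker host to see which of the two conditions from the issue actually hold there; the pure functions above it take captured text, so the same logic can be applied to iptables-save output collected from another machine.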

The default bridge network is considered a legacy detail of Docker and is not recommended for production use. Configuring it is a manual operation.

Not sure what the meaning of "legacy detail" is, but the default bridge network is set up automatically and does not require any manual operation.
