How could I ping my docker container from my host

It works in this scenario:

  1. Windows host
  2. Linux VM installed on Windows host
  3. Docker container installed on Linux VM host

Now you have to note this. Containers are in a isolated network but connected to the internet throught your Docker container host adapter.So you have to tell kernel linux to be available in your network then in your Linux VM:

# sysctl net.ipv4.conf.all.forwarding=1
# sudo iptables -P FORWARD ACCEPT

Now in you Windows host you have to add a route for our container network: route add "Docker container network" "Linux VM IP" for example

# route add

You can't ping or access a container interface directly with Docker for Mac.

The current best solution is to connect to your containers from another container. At present there is no way we can provide routing to these containers due to issues with OSX that Apple have not yet resolved. we are tracking this requirement, but we cannot do anything about it at present.

Docker Toolbox/VirtualBox

When running Docker Toolbox, Docker Machine via VirtualBox or any VirtualBox VM (like a Vagrant definition) you can setup a "Host-Only Network" and access the Docker VMs network via that.

If you are using the default boot2docker VM, don't change the existing interface as you will stop a whole lot of Docker utilities from working, add a new interface.

You will also need to setup routing from your Mac to the container networks via your VM's new IP address. In my case the Docker network range is and the Host Only adapter IP on the VM is

sudo route add

Adding a permanent route to osx is bit more complex

Then you can get to containers from your Mac

machost:~ ping -c 1
PING ( 56 data bytes
64 bytes from icmp_seq=0 ttl=63 time=0.364 ms

--- ping statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.364/0.364/0.364/0.000 ms

Vagrant + Ansible setup

Here's my running config...

Vagrant.configure("2") do |config| = "debian/contrib-buster64"
  config.vm.hostname = "docker" "private_network", ip: "", hostname: true
  config.vm.provider "virtualbox" do |vb|
    vb.gui = false
    vb.memory = "4000"
    vb.cpus = "4"
  config.vm.provision "ansible" do |ansible|
    ansible.verbose = "v"
    ansible.playbook = "tasks.yaml"

The ansible tasks.yaml to configure a fixed network.

- hosts: all
  become: yes
    ansible_python_interpreter: auto_silent
      host: ["tcp://"]
      userland-proxy: false

  - ansible.builtin.apt:
      update_cache: yes
      force_apt_get: yes
      - bridge-utils
      - python3-docker
      - python-docker
      - iptables-persistent

  - ansible.builtin.hostname:
      name: docker

  - ansible.builtin.copy:
      content: "{{ docker_config | to_json }}"
      dest: /etc/docker/daemon.json

  - ansible.builtin.lineinfile:
      line: 'DOCKER_OPTS="{% for host in %} -H {{ host }} {% endfor %}"'
      regexp: '^DOCKER_OPTS='
      path: /etc/default/docker

  - ansible.builtin.systemd:
      name: docker.service
      state: restarted
  - ansible.builtin.iptables:
      action: insert
      chain: DOCKER-USER
      in_interface: eth1
      out_interface: docker0
      jump: ACCEPT
  - iptables-save > /etc/iptables/rules.v4

Add the route for the docker bridge network via the VM to the mac

$ sudo /sbin/route -n -v add -net

Then set DOCKER_HOST= in the environment to use the new VM.

$ export DOCKER_HOST= 
$ docker run --name route_test --rm -d node:14-slim node -e "require('http').createServer((req, res) => {
 res.writeHead(200, {'Content-Type':'text/plain'})
$ docker container inspect route_test -f '{{ .NetworkSettings.Networks.bridge.IPAddress }}'
$ curl
$ docker rm -f route_test

You don't get volumes mapped from the host to the vm, but as a bonus it uses a lot less cpu than the Docker 2.5.x release.

As an alternative, if your container has a bash shell incorporated, you can access it through

docker exec -it <CONTAINER ID> bash

and then you can ping your virtual ip