nc command: inverse host lookup failed: Unknown host
"Inverse host lookup failed" simply means that nc wanted to print which host name 10.0.0.10 corresponds to, but couldn't.
UNKNOWN is simply what it then prints as the host name.
This is distinct from "I looked it up, but it doesn't seem to correspond to anything" which is what happens outside the container.
To be perfectly explicit, connecting to the host succeeded, but looking up its name from the IP address failed. This is just an informational warning message, not a hard error; the lookup is entirely optional, anyway, and can be disabled with -n.
If you really want to avoid this warning and not switch to -n, you need to set up working DNS inside the container.
Yes, this is expected if you have not SSH'ed into the docker container.
Connection to 10.0.0.10 22 port [tcp/ssh] succeeded! is seen in the VM because you have SSH'ed into the VM as ssh [email protected] and port 22 is used in the VM for SSH.
But, when you are inside a docker container (using docker run or docker exec or docker attach), port 22 will not be used, and hence the following error from nc is expected inside the docker container:
10.0.0.10: inverse host lookup failed: Unknown host
(UNKNOWN) [10.0.0.10] 22 (ssh) open
Here are the steps to successfully test if port 80 is used using nc inside an nginx docker container:
$ sudo docker run --name docker-nginx -d -p 80:80 nginx
$ sudo docker exec -it docker-nginx /bin/bash
root@60ec582e90f4:/# apt-get -y update
root@60ec582e90f4:/# apt-get -y upgrade
root@60ec582e90f4:/# apt-get install -y net-tools
root@60ec582e90f4:/# apt-get install -y netcat
# make sure that port 80 is used
root@60ec582e90f4:/# netstat -pan | grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1/nginx: master pro
# nc will work now inside the nginx container as port 80 is used inside the container
root@60ec582e90f4:/# nc -vz 127.0.0.1 80 -w 4
localhost [127.0.0.1] 80 (?) open
Hence, for nc -vz a.b.c.d P -w 4 to work inside a container, port P must be used on IP address a.b.c.d inside that container.
simply put -n on both sides of listener and client to remove this error as it will neglect the DNS look up by using it.