Docker Networking takes a step in the right direction

Apr 30 2015


It’s been just over one month since the SocketPlane team joined Docker and we’ve been working hard to deliver on our promise of helping to grow a healthy ecosystem around Networking. This week, with the help of our partners, we’ve taken the first major step by making libnetwork open source.

What is libnetwork?

In its initial form libnetwork is an amalgamation of the networking code from both libcontainer and Docker Engine that we expect to grow into a multi-platform library for networking containers, much like how libcontainer is used to create containers today.

Libnetwork also introduces the Container Network Model (CNM) which was inspired by this GitHub issue and the valuable input from networking partners Cisco, IBM, Joyent, Microsoft, Rancher, VMware and Weave.

With the help of our ecosystem, we’ve laid the foundations for a valuable library that can be extended to provide networking for any container runtime!

The Container Network Model (CNM)

The CNM defines 3 new terms:


Network Sandbox

An isolated environment where the Networking configuration for a Docker Container lives.


A network interface that can be used for communication over a specific network. Endpoints join exactly one network and multiple endpoints can exist within a single Network Sandbox.


A network is a uniquely identifiable group of endpoints that are able to communicate with each other. You could create a “Frontend” and “Backend” network and they would be completely isolated.

The CNM provides the following contract between networks and containers.

  • All containers on the same network can communicate freely with each other.
  • Multiple networks are the way to segment traffic between containers and should be supported by all drivers.
  • Multiple endpoints per container are the way to join a container to multiple networks.
  • An endpoint is added to a network sandbox to provide it with network connectivity.

The foundation for Docker networking

In order to make a pluggable interface for networking, we first had to find the right place in the Docker platform. This was difficult when the networking duties were split between Docker Engine and libcontainer. Now with libnetwork and the CNM we are able to create the necessary API for networking.

The most exciting change introduced with libnetwork is that we’re reimplementing Docker’s bridged networking (“docker0”) using the same CNM API that other plugins would use. This is in the spirit of our “batteries included but swappable” philosophy that gives the user complete flexibility in choice of tooling and complete application portability across infrastructures and networks.

What’s next?

libnetwork is under heavy development right now and we will be joining the Docker Platform release cadence – shipping capabilities every other month starting with Docker 1.7.

The initial scope of work includes:

  • Integrating libnetwork with the Docker Engine
  • Updating the Docker CLI with new “network” commands
  • Documenting how the “–net” flag is used to assign containers to networks
  • Support for adding “labels” to both Networks and Endpoints
  • Developing a “bridge” plugin that is feature equivalent to Docker’s current implementation
  • Developing a “distributed bridge” plugin to allow networks to span across Docker Engines

Longer term we would like to see:

  • Support for multiple platforms
  • Development of more plugins to solve common networking use cases

How to get involved

libnetwork is an open source project on Github!  We encourage  input and  ideas.  Submit an issue or pull request  to help shape the future of this project.

In the coming weeks, we’ll be adding GitHub issues with “status/help-wanted” where we are seeking community assistance in delivering certain features.

  • Mail the docker-dev mailing list
  • Join the discussion on #docker-network on Freenode

Learn More about Docker


2 thoughts on "Docker Networking takes a step in the right direction"

DockerCon 2022

With over 50 sessions for developers by developers, watch the latest developer news, trends, and announcements from DockerCon 2022. From the keynote to product demos to technical breakout sessions, hacks, and tips & tricks, there’s something for everyone.

Watch Now