Docker Bridge Network IP Range to CIDR
Convert Docker bridge network IP ranges to CIDR notation. Understand Docker's default networking, custom bridge configuration, and overlay networks.
Detailed Explanation
Docker Bridge Network CIDR Configuration
Docker uses bridge networks for container-to-container communication. The default bridge network uses 172.17.0.0/16, but custom bridge networks are assigned from a configurable address pool.
Default Docker Bridge
Default: 172.17.0.0 - 172.17.255.255
CIDR: 172.17.0.0/16
Docker assigns this range automatically. The gateway is typically 172.17.0.1, and containers get addresses starting from 172.17.0.2.
Custom Bridge Networks
When you create custom bridge networks, Docker allocates from its address pool:
docker network create --subnet=192.168.100.0/24 my-network
Docker Daemon Address Pool
Configure the address pool in /etc/docker/daemon.json:
{
"default-address-pools": [
{"base": "10.10.0.0/16", "size": 24}
]
}
This tells Docker to allocate /24 subnets from the 10.10.0.0/16 range.
Common Docker CIDR Conflicts
Docker's default 172.17.0.0/16 can conflict with:
| Service | Common Range |
|---|---|
| AWS default VPC | 172.31.0.0/16 |
| Corporate VPN | 172.16.0.0/12 |
| Other Docker hosts | 172.17-172.31.0.0/16 |
Docker Compose Networking
networks:
backend:
driver: bridge
ipam:
config:
- subnet: 10.20.0.0/24
gateway: 10.20.0.1
Troubleshooting Range Conflicts
When Docker's range overlaps with your VPN or cloud network:
- Identify the conflicting ranges
- Convert both to CIDR using this tool
- Check for overlap
- Reconfigure Docker's address pool to use a non-overlapping range
Use Case
A developer discovers that Docker containers can't reach internal services because Docker's 172.17.0.0/16 network overlaps with the corporate VPN range 172.16.0.0 - 172.19.255.255. They convert both ranges to CIDR and reconfigure Docker to use 10.200.0.0/16 instead.