Home Explore Blog CI



docker
3rd chunk of `content/manuals/desktop/features/networking.md`
dcabb62bc266bd07059756bb82610f31f9ba7726836bd71a00000001000008a0
  }
}
```

{{< /tab >}}
{{< tab name="DNS resolution" >}}

Auto filter:

```json
{
  "dnsInhibition": {
    "locked": true
    "value": "auto"
  }
}
```

Filter IPv4:

```json
{
  "dnsInhibition": {
    "locked": true
    "value": "ipv4"
  }
}
```

Filter IPv6:

```json
{
  "dnsInhibition": {
    "locked": true
    "value": "ipv6"
  }
}
```

No filter:

```json
{
  "dnsInhibition": {
    "locked": true
    "value": "none"
  }
}
```

{{< /tab >}}
{{< /tabs >}}

## Networking features for Mac and Linux

### SSH agent forwarding

Docker Desktop for Mac and Linux lets you use the host’s SSH agent inside a container. To do this:

1. Bind mount the SSH agent socket by adding the following parameter to your `docker run` command:

   ```console
   $--mount type=bind,src=/run/host-services/ssh-auth.sock,target=/run/host-services/ssh-auth.sock
   ```

2. Add the `SSH_AUTH_SOCK` environment variable in your container:

    ```console
    $ -e SSH_AUTH_SOCK="/run/host-services/ssh-auth.sock"
    ```

To enable the SSH agent in Docker Compose, add the following flags to your service:

 ```yaml
services:
  web:
    image: nginx:alpine
    volumes:
      - type: bind
        source: /run/host-services/ssh-auth.sock
        target: /run/host-services/ssh-auth.sock
    environment:
      - SSH_AUTH_SOCK=/run/host-services/ssh-auth.sock
 ```

## Known limitations

### Changing internal IP addresses

The internal IP addresses used by Docker can be changed from **Settings**. After changing IPs, you need to reset the Kubernetes cluster and to leave any active Swarm.

### There is no `docker0` bridge on the host

Because of the way networking is implemented in Docker Desktop, you cannot
see a `docker0` interface on the host. This interface is actually within the
virtual machine.

### I cannot ping my containers

Docker Desktop can't route traffic to Linux containers. However if you're a Windows user, you can
ping the Windows containers.

### Per-container IP addressing is not possible

This is because the Docker `bridge` network is not reachable from the host.
However if you are a Windows user, per-container IP addressing is possible with Windows containers.

## Use cases and workarounds
Title: SSH Agent Forwarding with Docker Compose and Known Networking Limitations in Docker Desktop
Summary
This section continues the explanation of SSH agent forwarding, now showing how to configure it within a Docker Compose file. It then outlines known networking limitations in Docker Desktop, including the ability to change internal IP addresses (requiring Kubernetes reset and Swarm leave), the absence of a `docker0` bridge on the host, the inability to ping Linux containers (but possible for Windows containers on Windows hosts), and the impossibility of per-container IP addressing due to the Docker bridge network being unreachable from the host (except for Windows containers on Windows).