opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-10-15 02:06:42 +08:00
Code Issues Packages Projects Releases Wiki Activity

docs: improve documentation for internal networks

Browse Source 
This goes into more detail about what this option actually does.

Signed-off-by: Michael Zimmermann <sigmaepsilon92@gmail.com>
This commit is contained in:
Michael Zimmermann
2024-11-25 18:47:47 +01:00
parent 697c4181d2
commit e608874004
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docs/source/markdown/podman-network-create.1.md
View File

@ -70,6 +70,14 @@ Because it bypasses the host network stack no additional restrictions can be set
privileged container is run it can set a default route themselves. If this is a concern then the privileged container is run it can set a default route themselves. If this is a concern then the
container connections should be blocked on your actual network gateway. container connections should be blocked on your actual network gateway.
Using the `bridge` driver with this option has the following effects:
- Global IP forwarding sysctls will not be changed in the host network namespace.
- IP forwarding is disabled on the bridge interface instead of setting up a firewall.
- No default route will be added to the container.
In all cases, aardvark-dns will only resolve container names with this option enabled.
Other queries will be answered with `NXDOMAIN`.
#### **--ip-range**=*range* #### **--ip-range**=*range*
Allocate container IP from a range. The range must be a either a complete subnet in CIDR notation or be in Allocate container IP from a range. The range must be a either a complete subnet in CIDR notation or be in