Cannot forward UDP ports #50613
Description
Description
I'm using Docker Swarm to manage all my services. I've been trying to host an Assetto Corsa game server but the UDP check would also fail and nobody could connect.
Reproduce
# run a container that listens to a UDP port
# make sure to forward the port if you're not scanning from the local network
docker run --rm -p 27015:27015/udp avivace/ror2server:latest
# check for open UDP ports
nmap -sU -p 27015 <your public IP address|127.0.0.1>
# here, I get "open|filtered" as a responseExpected behavior
package main
import (
"fmt"
"net"
)
func main() {
// Resolve the UDP address
udpAddr, err := net.ResolveUDPAddr("udp", ":9988")
if err != nil {
fmt.Println("Error resolving address:", err)
return
}
// Listen on the UDP address
conn, err := net.ListenUDP("udp", udpAddr)
if err != nil {
fmt.Println("Error listening on UDP:", err)
return
}
defer conn.Close()
buffer := make([]byte, 1024)
for {
// Read from the connection
n, addr, err := conn.ReadFromUDP(buffer)
if err != nil {
fmt.Println("Error reading from UDP:", err)
continue
}
fmt.Printf("Received %s from %s\n", string(buffer[:n]), addr)
// Respond with "pong!"
response := []byte("pong!")
_, err = conn.WriteToUDP(response, addr)
if err != nil {
fmt.Println("Error writing to UDP:", err)
}
}
}When I run this Go program and run the same nmap command with port 9988, I get "open" as a response.
docker version
Client:
Version: 26.1.5-ce
API version: 1.45
Go version: go1.22.10
Git commit: 411e817ddf71
Built: Wed Dec 11 12:00:00 2024
OS/Arch: linux/amd64
Context: default
Server:
Engine:
Version: 26.1.5-ce
API version: 1.45 (minimum version 1.24)
Go version: go1.22.10
Git commit: 411e817ddf71
Built: Wed Dec 11 12:00:00 2024
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: v1.7.23
GitCommit: 57f17b0a6295a39009d861b89e3b3b87b005ca27
runc:
Version: 1.1.14
GitCommit: v1.1.14-0-g2c9f5602f0ba
docker-init:
Version: 0.2.0_catatonit
GitCommit:docker info
Client:
Version: 26.1.5-ce
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: 0.11.2
Path: /usr/lib/docker/cli-plugins/docker-buildx
Server:
Containers: 56
Running: 43
Paused: 0
Stopped: 13
Images: 51
Server Version: 26.1.5-ce
Storage Driver: overlay2
Backing Filesystem: btrfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
Swarm: active
NodeID: uep1fdcmfh2aeqx7eg5inesi7
Is Manager: true
ClusterID: 927n33dusvewjkaj3n12q6egi
Managers: 1
Nodes: 1
Default Address Pool: 10.0.0.0/8
SubnetSize: 24
Data Path Port: 4789
Orchestration:
Task History Retention Limit: 5
Raft:
Snapshot Interval: 10000
Number of Old Snapshots to Retain: 0
Heartbeat Tick: 1
Election Tick: 10
Dispatcher:
Heartbeat Period: 5 seconds
CA Configuration:
Expiry Duration: 3 months
Force Rotate: 0
Autolock Managers: false
Root Rotation In Progress: false
Node Address: 192.168.1.113
Manager Addresses:
192.168.1.113:2377
Runtimes: io.containerd.runc.v2 oci runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 57f17b0a6295a39009d861b89e3b3b87b005ca27
runc version: v1.1.14-0-g2c9f5602f0ba
init version:
Security Options:
apparmor
seccomp
Profile: builtin
cgroupns
Kernel Version: 6.4.0-150600.23.33-default
Operating System: openSUSE Leap 15.6
OSType: linux
Architecture: x86_64
CPUs: 10
Total Memory: 62.67GiB
Name: gaia
ID: 427af302-a406-4d87-b047-8ce3b49c5537
Docker Root Dir: /var/lib/docker
Debug Mode: false
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: falseAdditional Info
No response