docker-apps/_instructions/troubleshooting container network.txt

https://github.com/nicolaka/netshoot

# Container's Network Namespace: If you're having networking issues with your application's container, you can launch netshoot with that container's network namespace like this:
docker run -it --net container:<container_name> nicolaka/netshoot

# Host's Network Namespace: If you think the networking issue is on the host itself, you can launch netshoot with that host's network namespace:
docker run -it --net host nicolaka/netshoot

# Launching netshoot with NET_ADMIN and CAP_NET_RAW capabilities. Capturing packets on eth0 with icmp 
docker run --rm --cap-add=NET_ADMIN --cap-add=NET_RAW -it nicolaka/netshoot termshark -i eth0 icmp

# Capturing with “tcpdump” for viewing with Wireshark inside netshoot
# -------------------------------------------------------------------
docker run -it --net container:<container_name> nicolaka/netshoot      # launch netshoot with container's network namespace
tcpdump -i <interface> -s 65535 -w <file>                              # capture with tcpdump
docker cp <containerId>:/file/path/within/container /host/path/target  # copy dump file from netshoot to host

# Example of tcpdump capture: (using two terminals)
# -------------------------------------------------
# launch netshoot with plex's network namespace from docker shell
  docker run -it --net container:plex nicolaka/netshoot

# run tcpdump within netshoot container: 
  tcpdump -i eth0 -s 65535 -w /tmp/plexdump.cap
  
# stop the dump
  ctrl-c

# to get netshoot container name/id; using other terminal, in docker shell, enter:
  docker ps | grep "netshoot"
  
# result of above; first item is containerId, last item is container name:
       0c3986714b3f   nicolaka/netshoot   "zsh"   35 minutes ago   Up 35 minutes   exciting_jang 

# copy file to current folder
  docker cp exciting_jang:/tmp/plexdump.cap  ./             
  
# you can now exit from netshoot in first terminal