Can not start three containers with published ports, if using two NAT networks

Question

Can not start three containers with published ports, if using two NAT networks

leojth opened this issue 3 months ago · 3 comments

Describe the bug
On Windows Server 2022 I can not start three (or more) containers with published ports, if using two (or more) NAT networks.
It works perfectly in Windows Server 2019.

When starting the third container, the command hangs indefinitely until the first container is stopped. The Windows Service "Host Network Service" will also take allot of CPU during that time.

To Reproduce

Have a Windows Server 2022 with Docker Engine installed. Open PowerShell as Administrator.
Create two NAT networks

docker network create --driver=nat --subnet=192.168.101.0/24 net1
docker network create --driver=nat --subnet=192.168.102.0/24 net2

Start three containers with published ports

docker run -d --network=net1 --publish 6001:6001 --name container1 mcr.microsoft.com/windows/nanoserver:ltsc2022 cmd /s /c ping -t 127.0.0.1
docker run -d --network=net2 --publish 6002:6002 --name container2 mcr.microsoft.com/windows/nanoserver:ltsc2022 cmd /s /c ping -t 127.0.0.1
docker run -d --network=net2 --publish 6003:6003 --name container3 mcr.microsoft.com/windows/nanoserver:ltsc2022 cmd /s /c ping -t 127.0.0.1

The third command will now hang. It can not be aborted with CTRL+C. When running docker ps -a the status of the container is "Created". If trying to kill or remove the container, that command also hangs.

Expected behavior
The third container should be started as the other two and the command should return.

Configuration:

Edition: Windows Server 2022
Base Image being used: mcr.microsoft.com/windows/nanoserver:ltsc2022
Container engine: Docker
Container Engine version: 26.0.1 (have also tried 25, 24 and 23)
Isolation mode: process

Additional context
Running the third container in a separate third NAT network gives the same result.

Full Docker logs here, but when the command hangs, the last log entry is:

[POST]=>[/endpoints/] Request : {"VirtualNetwork":"19E54EF9-D686-4658-AE9C-EC65DC6DAD0E","Policies":[{"Type":"NAT","Protocol":"tcp","InternalPort":6003,"ExternalPort":6003,"ExternalPortReserved":true}],"EnableInternalDNS":true}

Image below showing high CPU load on "Host Network Service" when trying to run third container.

Image below showing result of docker ps -a when trying to run third container.

Answer 1 · 2024-04-17T17:10:51.000Z

Thanks for raising this issue @leojth, I've created an internal ticket for this bug (# 50179353). We'll look at this issue soon.

Answer 2 · 2024-05-23T23:29:49.000Z

@fady-azmy-msft @adrianm-msft the root cause of this bug is the same as 140: Can't start any two docker-compose environments and 484: Container start hangs if it was created from another container

I recommend this issue be closed and 140 be used to track as it is currently assigned.

Answer 3 · 2024-05-28T16:55:17.000Z

Thanks @Ramunasoft, I will close this issue and we will continue tracking the progress under issue #140.