RHEL / CentOS Linux 7 Enable Ping Access In Docker Container

I’m using RHEL 7.1-4 container on a RHEL /CentOS Linux 7.x server. However, I’m unable to ping external site/IP address using the ping command. I’m getting the following error on screen:

ping: Operation not permitted

How do I fix this problem?

Linux kernel v2.2+, divides the privileges traditionally associated with superuser into distinct units, known as capabilities, which can be independently enabled and disabled. Capabilities are a per-thread attribute. For example, CAP_NET_ADMIN capabilities perform various network-related operations such as:[donotprint][/donotprint]

  1. Interfaceconfiguration
  2. Administration of IP firewall, masquerading, and accounting;
  3. Modify routing tables;
  4. Bind to any address for transparent proxying
  5. Set type-of-service (TOS
  6. Clear driver statistics
  7. Set promiscuous mode
  8. Enabling multicasting
  9. The CAP_NET_RAW capabilities perform various operations such as:
    1. Use RAW and PACKET sockets
    2. Bind to any address for transparent proxying

Docker fix ping: Operation not permitted error

On a host server type the following command to assign CAP_NET_RAW and CAP_NET_ADMIN capabilities. The syntax is:

docker run --cap-add net_raw --cap-add net_admin --rm -t -i rhel7 /bin/sh


docker run --cap-add net_raw --cap-add net_admin --rm -t -i /bin/bash

Attach to docker console

The following command allows you to enter a running docker called wwwserver:

docker exec -it [container-id] bash
docker exec -it wwwserver bash

Test ping command

Install ping command in wwwserver:

[root@wwwserver]# yum install -y iputils

Run the ping command:

[root@wwwserver]# ping -c4
PING ( 56(84) bytes of data.
64 bytes from ( icmp_seq=1 ttl=55 time=42.2 ms
64 bytes from ( icmp_seq=2 ttl=55 time=42.2 ms
64 bytes from ( icmp_seq=3 ttl=55 time=42.1 ms
64 bytes from ( icmp_seq=4 ttl=55 time=42.1 ms

--- ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3004ms rtt min/avg/max/mdev = 42.160/42.194/42.217/0.146 ms

Posted by: SXI ADMIN

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.


How to KVM, QEMU start or stop virtual machine from command line (CLI)

KVM or Kernel Based Virtual Machine is a popular virtualization technology. It allows you to run virtual guest machines over a host machine. To start...

How to Docker backup Saving and restoring your volumes

Running a Docker volume backup First, we spin up a temporary container, and we mount the backup folder and the target Docker volume to this container....

How to Start and Enable Firewalld on CentOS 7

In this article, we discuss how to start and enable firewalld. It is highly recommended that you have a firewall protecting your server.Pre-Flight CheckThese...