The UDP protocol seems to use the nf_conntrack table.
If a record in nf_conntrack has the same source port (8301) and destination port (8301), the host server assumes that the connection is made.
container -> host -> other server
If a client sends a packet to another server as above, a conntrack record will be created and the host server assumes that a UDP stream is created.
And if the other server sends a packet to the host, the packet will be sent to the container because of the host server's nf_conntrack, even if there is no port binding.
In this case, we are not able to use the bridge network in Docker, because if the container IP changes, it will sometimes fail.
This might be related to the Docker UDP issues in Consul: https://github.com/hashicorp/docker-consul/issues/60
I wanna suggest a solution in this case.
In net_transport.go, memberlist reuses the UDP listener to send the payload. https://github.com/hashicorp/memberlist/blob/3f82dc10a89f82efe300228752f7077d0d9f87e4/net_transport.go#L204
I think it would be better if there were an option that separates the UDP sender and listener. https://github.com/hashicorp/memberlist/blob/3f82dc10a89f82efe300228752f7077d0d9f87e4/net_transport.go#L49-L60 In the NetTransport struct, we can have `udpSenders []*net.UDPConn`. In this case, the sender might be created using a random port, like `udpSender, err := net.ListenUDP("udp", nil)`
If this kind of implementation is done, we can deploy the Consul client in a Docker environment. And all connections can be made because the payload always has the source IP and port.
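The proposal above, shown on loopback as an added example (not memberlist code and not part of the original post): one socket only listens, a second socket on a kernel-chosen port only sends, and the payload carries the listener's address. The names `Observation` and `SendFromSeparateSocket` are hypothetical, and the loopback sockets stand in for the container and the other server.

```go
package main

import (
	"fmt"
	"net"
	"time"
)

// Observation is what the remote peer sees for one gossip packet.
type Observation struct {
	ListenPort int    // port the local listener is bound to (8301 in the post)
	SourcePort int    // UDP source port the peer saw on the wire
	Advertised string // reply address carried inside the payload
}

// SendFromSeparateSocket sends from a second socket on an ephemeral port, so
// the outbound flow (and its conntrack entry) never uses the listen port.
func SendFromSeparateSocket() (Observation, error) {
	var obs Observation
	var c [3]*net.UDPConn // peer ("other server"), listener, separate sender
	for i := range c {
		// Port 0 on loopback: the kernel picks a free port for each socket.
		conn, err := net.ListenUDP("udp4", &net.UDPAddr{IP: net.IPv4(127, 0, 0, 1)})
		if err != nil {
			return obs, err
		}
		defer conn.Close()
		c[i] = conn
	}
	peer, listener, sender := c[0], c[1], c[2]
	obs.ListenPort = listener.LocalAddr().(*net.UDPAddr).Port
	payload := []byte(listener.LocalAddr().String())
	if _, err := sender.WriteToUDP(payload, peer.LocalAddr().(*net.UDPAddr)); err != nil {
		return obs, err
	}
	buf := make([]byte, 64)
	peer.SetReadDeadline(time.Now().Add(2 * time.Second))
	n, from, err := peer.ReadFromUDP(buf)
	if err != nil {
		return obs, err
	}
	obs.SourcePort, obs.Advertised = from.Port, string(buf[:n])
	return obs, nil
}

func main() {
	obs, err := SendFromSeparateSocket()
	fmt.Printf("%+v err=%v\n", obs, err)
}
```

The peer sees a source port that differs from the listen port, so it has to reply to the address in the payload rather than to the packet's source.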