The following forum post generally describes my same issue:
https://forums.docker.com/t/docker-networking-question-udp-ports-being-re-written-on-outbound/64746
My Docker container runs a data collector that sends encrypted UDP messages to external/physical network devices. The proprietary encryption mechanism uses the sending port number (with other keys) to encrypt the message. This means that the UDP port number for the message being sent to the external devices cannot change in order for the message to be properly received and replied to. However, even with using the "-p 5500:5500/udp" on the command line or "ports: 5500:5500/udp" in the docker compose file, UDP messages sent by my data collector using port 5500 will leave the Docker host using some random UDP port number with Bridge networking. Note – the random port number used by the Docker host will remain the same for the life of my running container.
For Bridge networking, how can I make the “ports: 5500:5500/udp” rule work for both Outbound and Inbound UDP messages?
I have confirmed this behavior using the latest Docker Desktop (version 4.37.1, Engine: 27.4.0, Compose: v2.31.0-desktop.2) installed on Windows 11 and Ubuntu 24.04. My container is also based on “ubuntu:latest”.
“netstat -tulnp” and “lsof -i -P -n” both show that my data collector is definitely using UDP port 5500.
I’m trying to avoid Host networking, but is that my only option for avoiding UDP port number translation for outbound UDP messages from my data collector container?
