How does docker bind public network IP

  docker, question

I have been working on this problem all day and night. weave and pipework have been used successively. However, the two of them can only realize the intercommunication between the host computer and each container. For example, the method can realize the intercommunication between other physical hosts and containers. Even if the public network IP bridged by pipework is not allocated by the router.

I need to expose a network completely through router LAN IP (just like a virtual machine). How can this be achieved?

My idea is that the host binds multiple IP’s, and then an IP specifies a container (this is not very good either).

My requirement is that the container is completely exposed, and the external network host (non-host, other physical machines of host LAN) can access (via independent IP).

It is very difficult to solve my problem with the existing articles on the internet. Do you have a mature solution?

Just now I implemented iptables mapping, just as I imagined in my question:

Step 1: Configure multiple IP’s on the host
Step 2: Map an external IP(192.168.1.x) to an internal IP (172.17.0.x)