Forward public UDP traffic to container?


I’ve just started with balena & am trying to figure out a networking issue. I have a UDP service running on a port (lets say 9000). From what I can tell, exposing services looks limited to HTTP traffic only, but I’m hoping I’m missing something. Is it possible to expose a UDP port for a custom protocol to a publicly accessible IP address (ie: without balena tunnel)


Hello @nevelis ,
Welcome to balena forums!

You can expose your container port making it available from other nodes in the device network in multiple ways:

  • setting network: host on your service in docker-compose file - this will make your container to use the host OS network stack, and all ports exposed by the container (for instance, with EXPOSE in Dockerfile) will be published
  • setting ports field on your service in docker-compose to something like `- ‘<host_port:container:port/>’. For instance,
- ports:
  - '9000:9000/udp'

Steps above, as I mentioned, will make your container exposed to the network that the device belongs to. Speaking about publically accessible IP address, balena provides a “device URL” functionality but this indeed works with HTTP traffic only (and has websocket support).

Hence, making your device accessible/disocverable (without using the tunnel functionality) would need to be achieved in some other ways.

Hope this helps. Let us know if you have other questions.

Container to container networking is working fine but as you suggest I will need to find another way to connect to the device. It is behind a NAT which complicates things. Thanks for the suggestion :slight_smile:

There are common NAT traversal technique you can explore to get UDP traffic to work, but balena does not offer special solutions for it via the backend and success depends on the local network routers and firewalls: