Docker launch parameters have been set up, the iptables=false
This same host on the same network segment and different network segment docker can ping each other
Two segment
10.10.0.0
10.20.0.0
Three docker respectively
/busybox - m - 1 net1 10.10.0.2
/busybox - m - 11 net1 10.10.0.3
/busybox - m - 2 net2 10.20.0.2


After iptables Settings are
-p FORWARD ACCEPT
- N DOCKER - LXC
- A FORWARD - j DOCKER - LXC
- A DOCKER - LXC - s 10.10.0.2/32 - j DROP

Docker exec - it busybox - m - 1 ping 10.10.0.3
Can

Docker exec - it busybox - m - 1 ping 10.20.0.2
No

How can not ping 10.10.0.3