9.2.2.2 Compose Custom Networks

Compose custom networks are explicitly declared networks, defined under a Compose file's top-level networks key, used in place of (or alongside) the automatic default network to express more deliberate connectivity and segmentation between an application's services.

Declaring and Assigning a Custom Network

A custom network is declared by name, then assigned to whichever services should be connected through it.

services:
  frontend:
    networks:
      - app-net
  api:
    networks:
      - app-net

networks:
  app-net:
    driver: bridge

Using Multiple Custom Networks for Segmentation

Several custom networks can be declared, each connecting a different subset of services, achieving network-level isolation between groups of services that shouldn't directly communicate.

services:
  frontend:
    networks:
      - public-tier
  api:
    networks:
      - public-tier
      - data-tier
  db:
    networks:
      - data-tier

networks:
  public-tier:
  data-tier:

frontend and db cannot reach each other directly, since they share no common custom network — only api, bridging both tiers, can communicate with each.

Customizing a Network's Configuration

A custom network's declaration can include driver options and other settings tailoring its specific behavior beyond what the default network provides.

networks:
  app-net:
    driver: bridge
    ipam:
      config:
        - subnet: 172.28.0.0/16

Verifying Custom Network Configuration

Confirming a custom network was created with the intended configuration validates that the declared settings are correctly taking effect.

docker network inspect myapp_app-net

Why Compose Custom Networks Matter

Declaring custom networks provides the explicit control needed for applications whose services shouldn't all be uniformly interconnected, enabling deliberate architectural boundaries that the single, shared default network cannot express on its own.