after traceroute… now ping from inside a container

If you run some RHEL (or CentOS) based container, you may figure that ping is not working as expected from inside the container. You may also try running the container with some additional capabilities enabled.. capabilities? container? What that means, and what you gain security-wise is described in detail in Dan Walsh‘s [post on docker security][3] over at

How to run a docker container with some additional capabilities:

host# docker run --cap-add net_raw --cap-add net_admin --rm -t -i bash
container# yum install -y iputils
container# ping

To figure out what capabilities a binary needs you could use getcap.