I have a docker ecosystem running. Multiple containers need to communicate with each other. For reasons of my own I do not use the docker-supplied inter-container-communication but ordinary http/https URLs. My containers run on a pre-configured Digital Ocean droplet (which works very well). This comes with a pre-configured ufw firewall. The standard rules are:

    root@sc-testserver:~# ufw status verbose
    Status: active
    Logging: on (low)
    Default: deny (incoming), allow (outgoing), allow (routed)
    New profiles: skip

    To                         Action      From
    --                         ------      ----
    22/tcp                     LIMIT IN    Anywhere
    2375/tcp                   ALLOW IN    Anywhere
    2376/tcp                   ALLOW IN    Anywhere
    22/tcp (v6)                LIMIT IN    Anywhere (v6)
    2375/tcp (v6)              ALLOW IN    Anywhere (v6)
    2376/tcp (v6)              ALLOW IN    Anywhere (v6)

Accessing the web apps running in the containers through a browser works very well. However, when the containers start communicating with each other, a dead pause of exactly 60 seconds happens before each communication, causing timeout errors.
After some googling, I found that several users reported similar problems, and they found that ufw blocked requests. When I added new rules to ufw permitting all access from the IPs of my containers, my problems went away. This seems to indicate that the "22/tcp limit" rule caused the requests to hang for a minute before being let through.
So my question is, what is the connection between "22/tcp" and port 443 which is intended for https?
I have browsed countless introductions to ufw, and they all repeat the same instructions. They do mention that I can allow connections to 443 and 80, but this does not seem to be necessary, as I can already get through.