Intercontainer communication access and cattle-network

When i running docker daemon with icc=false and iptables=true paramaters, docker daemon just added docker network ipS to iptables. This is a big problem because rancher-agent not added castle ips on the cluster nodes. For the security communication between the containers , should work in these parameters. Otherwise they will be able to talk to each other conrainers.

Section:2.1 & 2.3

Any answer for this question?

I’m not sure what the questing is, but the current network model for the overlay network assumes that all containers in an environment can talk to each other and the normal configuration of the docker daemon.