Docker sets a lot of automatic rules in your iptables. If you use a network bridge on your Linux box, you may want to change add an additional rule to avoid traffic generated on your bridge from being discarded by Docker.
$ EDITOR=vim sudo -E systemctl edit docker
[Service] ExecStartPre=-/usr/sbin/iptables -I FORWARD -i br0 -j ACCEPT ExecStopPost=/usr/sbin/iptables -D FORWARD -i br0 -j ACCEPT
(the “-” at the beginning tolerates failures. In this way, both if the rule doesn't exist or it's duplicate, a new one gets created and then delete during stopping)
$ sudo systemctl daemon-reload $ sudo systemctl restart docker
Remember to adjust your iptables path according to the distro you are using.
Error response from daemon: container 13229c2ec314a390bc2edf641c9d189ac1dcf69f6b56bb7e681f032cbc9bc329: driver "zfs" failed to remove root filesystem: exit status 1: "/sbin/zfs fs destroy -r zpool-docker/9a1252e3f5f687077620636855ae9de7aeabd41d4d9dd3e3bcb4892f90901a59" => cannot open 'zpool-docker/9a1252e3f5f687077620636855ae9de7aeabd41d4d9dd3e3bcb4892f90901a59': dataset does not exist