Unlike what has been said in #4214, docker (as of version 1.3.1) does not respect no_proxy IP range in CIDR notation. It was supposedly fixed in #4836.

How to reproduce (assuming ubuntu 14.04 host with an internal IP of 192.168.33.10):

• install lxc-docker-1.3.1
• make a tunnel to an existing docker registry, eg. socat TCP4-LISTEN:8080,fork,reuseaddr TCP4:index.docker.io:80'
• put the following content in /etc/default/docker:

# Docker Upstart and SysVinit configuration file

# Use DOCKER_OPTS to modify the daemon startup options.
DOCKER_OPTS='--insecure-registry=192.168.33.10:8080'

# If you need Docker to use an HTTP proxy, it can also be specified here.
export HTTP_PROXY=http://192.168.33.10:1337 # nobody there
export NO_PROXY=192.168.33.0/24

• sudo service docker restart
• sudo docker pull 192.168.33.10:8080/busybox:ubuntu-14.04 # fails because NO_PROXY CIDR range is not interpreted and the inexistent proxy is then used.

To prove that NO_PROXY is used, change the export NO_PROXY=192.168.33.0/24 line to export NO_PROXY=192.168.33.10 and sudo service docker restart then attempt the docker pull above again. It will work (or at least fail without contacting the inexistent proxy) which means that NO_PROXY is respected but only for ip address, not for CIDR ranges.