wrong DNS server in /etc/resolv.conf of bastion host

[bhaubeck]

In our last deployments, the nameserver in the /etc/resolv.conf was the virtualization host (in our example 192.168.88.1), but from our understanding it should be the bastion server (192.168.88.2) itself as on the bastion host the DNS server got configured.

[yussufsh]

Any issue you are facing with this? I think both the GW and localhost entries will be added to the bastion node.

[bhaubeck]

we had issues as the GW was also answering for DNS requests but was only working as an relay. And so the DNS request got forwarded to a server who does not know anything about out OCP master and worker nodes.

[yussufsh]

What I see are 2 entries with DNS in GW and bastion(127.0.01) in resolv.conf

# cat /etc/resolv.conf
# Generated by NetworkManager
search yoff-a545.example.com example.com
nameserver 192.168.17.1
nameserver 127.0.0.1

And then the libvirt network will also have a forwarder to the bastion node (192.168.17.2).

# virsh net-dumpxml yoff-a545
<network connections='7'>
  <name>yoff-a545</name>
  <uuid>85133106-d2c0-47d0-85cb-38b2e925dbe4</uuid>
  <forward mode='nat'>
    <nat>
      <port start='1024' end='65535'/>
    </nat>
  </forward>
  <bridge name='virbr7397' stp='on' delay='0'/>
  <mac address='52:54:00:26:5a:cd'/>
  <domain name='yoff-a545.example.com' localOnly='yes'/>
  <dns enable='yes'>
    <forwarder domain='yoff-a545.example.com' addr='192.168.17.2'/>
  </dns>
  <ip family='ipv4' address='192.168.17.1' prefix='24'>
    <dhcp>
      <host mac='52:54:00:1e:7e:84' name='yoff-a545-bastion.example.com' ip='192.168.17.2'/>
    </dhcp>
  </ip>
</network>

We require the the GW DNS before the installation to pull the artifacts and other configuration requiring internet connections.

[yussufsh]

As per my last comment we have 127.0.0.1 in resolv.conf which is bastion host where a DNS service is running. Please re-open if you are not satisfied with the answer.