qdm12 / dns

Docker DNS server on steroids to access DNS-over-TLS from Cloudflare, Google, Quad9, Quadrant or CleanBrowsing
https://hub.docker.com/r/qmcgaw/cloudflare-dns-server
MIT License
219 stars 37 forks

MacOS port 53 conflict with mdnsresponder #136

Open ntilagoa opened 7 months ago

ntilagoa commented 7 months ago

I use your VPN client and I am very happy with it; now I was trying this, but I get the error below.

ntilagoa commented 7 months ago

Hi

Sorry if is a stupid question. Not much experience with this.

My Mac has 5/6 processes that run on port 53, so when I try to run the Docker container I get the error:

(docker: Error response from daemon: Ports are not available: exposing port UDP 0.0.0.0:53 -> 0.0.0.0:0: listen udp 0.0.0.0:53: bind: address already in use.)

Anyway to resolve this?? Thank you very much

ntilagoa commented 7 months ago

Screenshot 2024-01-23 at 12 21 45

qdm12 commented 7 months ago

You might want to try image qmcgaw/dns:v2.0.0-beta. It's quite stable, offers more fun stuff like metrics, and should be on par with Unbound (latest image and v1.x.x images) in under 2-4 weeks. Documentation is at https://github.com/qdm12/dns/tree/v2.0.0-beta and you can set LISTENING_ADDRESS=:63 to change the port. Saying all this especially since development on the master branch / v1.x.x/latest images is stopped to focus on releasing a v2.0.0 release.

Now if you want it to listen on port 53, you need to have that port available, or have a UDP proxy to redirect requests to other ports depending on the request. If so, why do you want other programs listening on port 53? The dns v2.0.0-beta can already forward local-name DNS requests to other servers, but if you need something specific feel free to comment it and I can implement it eventually 😉

My Mac has 5/6 processes that run on port 53

I don't think so 🤔 Only a single process can listen on a specific port+protocol. And the DNS server should listen on both UDP and TCP (for truncated messages not fitting over UDP).

qdm12 commented 7 months ago

I just saw your screenshot, sorry about that. What do sudo lsof -nP -i4TCP:53 and sudo lsof -nP -i4UDP:53 give you from a terminal? There might be some proxy already, like dnsmasq 🤔

ntilagoa commented 7 months ago

Hi, thank you for your answer. Running those commands:

vitor@MainServer ~ % sudo lsof -nP -i4TCP:53
COMMAND   PID           USER   FD   TYPE             DEVICE SIZE/OFF NODE NAME
mDNSRespo 161 _mdnsresponder   44u  IPv4 0xcb46443f09fc0e1b      0t0  TCP *:53 (LISTEN)
vitor@MainServer ~ % sudo lsof -nP -i4UDP:53
COMMAND   PID           USER   FD   TYPE             DEVICE SIZE/OFF NODE NAME
mDNSRespo 161 _mdnsresponder   42u  IPv4 0xcb46443f0748b68b      0t0  UDP *:53
vitor@MainServer ~ %

ntilagoa commented 7 months ago

It seems to be mDNSresponder.

I made a google search and find this on an apple forum:

mDNSresponder is a process required for discovering Macs used for Back to My Mac as well as related Bonjour device discovery features. It was briefly superseded by the ill-fated discoveryD which never worked right. Like many other macOS components it’s required for proper operation, so make no attempt to delete it or prevent it from working.

qdm12 commented 7 months ago

Try with docker port mapping 127.0.0.1:53:53/udp and 127.0.0.1:53:53/tcp? mdnsresponder might not be listening on the loopback interface...
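The two points made above (only one process can own a given port+protocol, and a wildcard listener such as mDNSResponder's `*:53` also blocks a bind on `127.0.0.1:53`) can be checked directly on the host with a small program. The following is an added example, not code from the thread or from the qdm12/dns project; it picks a free port, holds it on `0.0.0.0` for both UDP and TCP the way mDNSResponder holds port 53, probes the binds that were tried in this issue, and then finds an alternative port of the kind one would put in `LISTENING_ADDRESS=:<port>`. The bind semantics it asserts are Linux ones; BSD-derived kernels such as macOS can be more permissive when `SO_REUSEADDR` is set on both sockets.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"syscall"
)

// canBind reports whether a socket for network ("tcp4" or "udp4") could be
// bound to addr right now. It opens and immediately closes the socket, so it
// only answers "is this bind currently possible?": a clean EADDRINUSE is
// returned as (false, nil), any other failure as an error.
func canBind(network, addr string) (bool, error) {
	var err error
	switch network {
	case "tcp4":
		var ln net.Listener
		if ln, err = net.Listen(network, addr); err == nil {
			ln.Close()
			return true, nil
		}
	case "udp4":
		var pc net.PacketConn
		if pc, err = net.ListenPacket(network, addr); err == nil {
			pc.Close()
			return true, nil
		}
	default:
		return false, fmt.Errorf("unsupported network %q", network)
	}
	if errors.Is(err, syscall.EADDRINUSE) {
		return false, nil
	}
	return false, err
}

// freePort asks the kernel for a port that is free on both TCP and UDP, the
// pair a DNS server needs (answers over 512 bytes are retried over TCP).
func freePort() (int, error) {
	for attempt := 0; attempt < 20; attempt++ {
		ln, err := net.Listen("tcp4", "0.0.0.0:0") // port 0: kernel picks a free one
		if err != nil {
			return 0, err
		}
		port := ln.Addr().(*net.TCPAddr).Port
		ln.Close()
		ok, err := canBind("udp4", fmt.Sprintf("0.0.0.0:%d", port))
		if err != nil {
			return 0, err
		}
		if ok {
			return port, nil
		}
	}
	return 0, errors.New("no port free on both tcp and udp")
}

// Conflict records what a wildcard (*:port) holder does to other bind attempts.
type Conflict struct {
	Port            int
	WildcardTCPFree bool // can a second process bind tcp 0.0.0.0:port?
	LoopbackTCPFree bool // can a second process bind tcp 127.0.0.1:port?
	LoopbackUDPFree bool // can a second process bind udp 127.0.0.1:port?
	AltPort         int  // a port free on both protocols, usable as LISTENING_ADDRESS
}

// Simulate plays the role of mDNSResponder on a constructed free port instead
// of 53: it holds *:port on UDP and TCP, probes the binds tried in this issue,
// and finally looks for a free alternative port.
func Simulate() (Conflict, error) {
	port, err := freePort()
	if err != nil {
		return Conflict{}, err
	}
	wildcard := fmt.Sprintf("0.0.0.0:%d", port)
	loopback := fmt.Sprintf("127.0.0.1:%d", port)
	holderTCP, err := net.Listen("tcp4", wildcard)
	if err != nil {
		return Conflict{}, err
	}
	defer holderTCP.Close()
	holderUDP, err := net.ListenPacket("udp4", wildcard)
	if err != nil {
		return Conflict{}, err
	}
	defer holderUDP.Close()

	c := Conflict{Port: port}
	if c.WildcardTCPFree, err = canBind("tcp4", wildcard); err != nil {
		return Conflict{}, err
	}
	if c.LoopbackTCPFree, err = canBind("tcp4", loopback); err != nil {
		return Conflict{}, err
	}
	if c.LoopbackUDPFree, err = canBind("udp4", loopback); err != nil {
		return Conflict{}, err
	}
	if c.AltPort, err = freePort(); err != nil {
		return Conflict{}, err
	}
	return c, nil
}

func main() {
	c, err := Simulate()
	if err != nil {
		panic(err)
	}
	fmt.Printf("holding *:%d on tcp+udp\n", c.Port)
	fmt.Printf("tcp 0.0.0.0:%d free: %v\n", c.Port, c.WildcardTCPFree)
	fmt.Printf("tcp 127.0.0.1:%d free: %v\n", c.Port, c.LoopbackTCPFree)
	fmt.Printf("udp 127.0.0.1:%d free: %v\n", c.Port, c.LoopbackUDPFree)
	fmt.Printf("free alternative for LISTENING_ADDRESS=:%d\n", c.AltPort)
}
```

The practical reading for this thread: once `lsof` shows `*:53` rather than a specific address, a loopback-only port mapping cannot help, so the choice is between freeing port 53 and moving the server with `LISTENING_ADDRESS`.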

ntilagoa commented 7 months ago

Hi, I get this error with port mapping

vitor@MainServer ~ % docker run -d -p 127.0.0.1:53:53/udp -p 127.0.0.1:53:53/tcp qmcgaw/dns:v2.0.0-beta
f30647c70ef2795f87e7c0fee258a781acf044f6fb176fa7008d467171450876
docker: Error response from daemon: Ports are not available: exposing port TCP 127.0.0.1:53 -> 0.0.0.0:0: failed to connect to /var/run/com.docker.vmnetd.sock: is vmnetd running?: dial unix /var/run/com.docker.vmnetd.sock: connect: no such file or directory.

Do not know if I am running the command correctly.

I saw this on the docker-mac GitHub, but I am afraid to try it. I am on Big Sur 11.7.6. I run several things on my setup and I do not want to mess things up.

(https://github.com/docker/for-mac/issues/6677)

OK, I installed vmnetd

sudo /Applications/Docker.app/Contents/MacOS/install vmnetd

but now I get the error, ports not available:

vitor@MainServer ~ % docker run -d -p 127.0.0.1:53:53/udp -p 127.0.0.1:53:53/tcp qmcgaw/dns:v2.0.0-beta
678d896d5ea6973884432ee05f1794eec07ccfcb02bec5698e3bb2916ea770be
docker: Error response from daemon: Ports are not available: exposing port UDP 127.0.0.1:53 -> 0.0.0.0:0: command failed.

I think I am going to give up. Thank you very much for all your help. Your work is much appreciated.

qdm12 commented 7 months ago

What do you want to use the DNS server for? Is it just for the machine running it or for other containers? If it's for the machine running it, would it be interesting to serve DNS over TLS on port 853 TCP instead of port 53? That's issue #106 😉

ntilagoa commented 7 months ago

Hi

Well, the idea was to use it for the machine running it and other containers and other machines on my network.

qdm12 commented 7 months ago

Try turning off the use of the kernel for udp: https://github.com/docker/for-mac/issues/7008#issuecomment-1790417935

This issue also has a bunch of workarounds worth trying, I think.

rapteev commented 7 months ago

Thank you. I’ll try it.

ntilagoa commented 7 months ago

Hi

Thank you for all your help. For now I have given up on installing it on Mac. I set up a Windows Server on a virtual machine to test it and it works OK with the dns:latest label. With the label dns:v2.0.0-beta it does not run. It gives the error "panic: runtime error: index out of range [0] with length 0". Probably it is better to open a new issue, right?

qdm12 commented 7 months ago

With the label dns:v2.0.0-beta it does not run. It gives the error "panic: runtime error: index out of range [0] with length 0".

Sure, just pasting the panic stack trace would help 😉 I just ran the v2 tagged image without issue, so I'm definitely curious why it crashed, thanks!

ntilagoa commented 7 months ago

Oddly, on a VM running Ubuntu 18.04 I also get the "port 53 already in use" error.

qdm12 commented 7 months ago

By the way, if it's a VM, you won't be able to map it to port 53 on the host either, since it's still occupied right?

Ubuntu may be running dnsmasq; if you're OK with a terminal-only VM, try Alpine, it's the simplest/vanillaest well-known Linux out there (barely anything included in the base OS). That's what I use on my servers to avoid dealing with the BS of all the various distributions (dnsmasq on Debian, no DHCP on Arch Linux, etc.). Plus apk is pretty easy to use 😉 Otherwise, still on Ubuntu, you can probably configure dnsmasq to forward DNS requests to another port, I would guess.
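The dnsmasq forwarding idea mentioned above, written out as an added example that is not part of the thread or of the qdm12/dns project. It assumes the container was started with LISTENING_ADDRESS=:5353 and published on 127.0.0.1:5353 for both UDP and TCP (5353 is an arbitrary choice here, not a value from the thread); dnsmasq keeps port 53 and hands every query to the container.

```conf
# /etc/dnsmasq.conf fragment (added example; port 5353 is an assumption)
# Do not read upstream servers from /etc/resolv.conf; use only the server= lines below.
no-resolv
# Forward all queries to the qmcgaw/dns container published on loopback port 5353.
server=127.0.0.1#5353
# Keep dnsmasq answering only on the loopback address for local clients.
listen-address=127.0.0.1
```

With this in place, `dig @127.0.0.1 example.com` goes through dnsmasq on port 53 and is resolved by the container, which in turn uses DNS-over-TLS upstream; the plaintext hop stays on the loopback interface.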

ntilagoa commented 7 months ago

By the way, if it's a VM, you won't be able to map it to port 53 on the host either, since it's still occupied right?

Ubuntu may be running dnsmasq; if you're OK with a terminal-only VM, try Alpine, it's the simplest/vanillaest well-known Linux out there (barely anything included in the base OS). That's what I use on my servers to avoid dealing with the BS of all the various distributions (dnsmasq on Debian, no DHCP on Arch Linux, etc.). Plus apk is pretty easy to use 😉 Otherwise, still on Ubuntu, you can probably configure dnsmasq to forward DNS requests to another port, I would guess.

Yeah, I think you are right, but on the Windows Server VM it works.

Screenshot 2024-01-24 at 17 20 25