search

vagrant-landrush / landrush

A Vagrant plugin that provides a simple DNS server for Vagrant guests
MIT License
667 stars 78 forks source link

DNS not working from inside docker container #188

Open driv opened 8 years ago

driv commented 8 years ago

From inside the container I get the following:

/ # ping manager0
ping: bad address 'manager0'

resolv.conf seems to be fine

/ # cat /etc/resolv.conf 
# Generated by NetworkManager
search lan vagrant.test
nameserver 10.0.2.3

But using dig from inside the container works fine:

/ # dig -p 10053 @10.0.2.3 manager0.vagrant.test

; <<>> DiG 9.10.2 <<>> -p 10053 @10.0.2.3 manager0.vagrant.test
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19456
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;manager0.vagrant.test.     IN  A

;; ANSWER SECTION:
manager0.vagrant.test.  0   IN  A   172.28.128.12

;; Query time: 6 msec
;; SERVER: 10.0.2.3#10053(10.0.2.3)
;; WHEN: Wed May 18 19:04:54 UTC 2016
;; MSG SIZE  rcvd: 55

I can see that docker is adding its own rules to iptables

[vagrant@consul0 ~]$ sudo iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
DOCKER     all  --  anywhere             anywhere             ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
DNAT       tcp  --  anywhere             10.0.2.3             tcp dpt:domain to:10.0.2.2:10053
DNAT       udp  --  anywhere             10.0.2.3             udp dpt:domain to:10.0.2.2:10053
DOCKER     all  --  anywhere            !loopback/8           ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
MASQUERADE  all  --  172.17.0.0/16        anywhere            
MASQUERADE  tcp  --  172.17.0.2           172.17.0.2           tcp dpt:fmtp

Chain DOCKER (2 references)
target     prot opt source               destination         
DNAT       tcp  --  anywhere             anywhere             tcp dpt:fmtp to:172.17.0.2:8500
earllapura commented 5 years ago

Was the issue resolved? I got the same error.