UNRAID5 Posted August 22, 2020 Share Posted August 22, 2020 I have a docker that is failing to resolve dns (hexparrot/mineos). I suspect the issue is because the docker is in a different VLAN than the UNRAID br0 interface. I have multiple VLANs configured and each docker has its own IP assigned and its appropriate bridge interface set. So when a docker in, say, br0.7 tries to query DNS, it appears to use the internal docker generated address in /etc/resolv.conf of 127.0.0.x. I assume (please correct if wrong) this in turn kicks DNS queries off to the UNRAID host and it resolves through its configured DNS server in Settings > Network Settings. It seems like this should work, no matter the interface my docker is configured with, but it's not working. ping google.com fails to resolve and ping internal.dns.hosts also fail by name, but neither fail to ping by IP. I am suspecting that perhaps the DNS query is being sent out to my local DNS server using the br0 interface, but with a return address on the br0.7 ip space (which doesn't seem like something it should do). That would obviously cause issues as the dns response would return on a different network path (direct on br0.7 to the docker) than it was sent on (direct on br0 from unraid) and likely be discarded. My DNS/DHCP server (pfsense) is a VM within UNRAID and has to have an interface on each network it is serving to work correctly. If my assumptions are correct than a way to resolve this would be to be able to specify the DNS server for each of my dockers that aren't in the default br0 network, but I can't seem to get that to work. I had tried adding --dns='10.x.x.x' in the "Extra Parameters:" field of my docker. That doesn't change the resolv.conf file and I still can't resolve DNS. So I am now seeking advice on how to move forward with this issue. Typing this out makes it seem like I don't have the root cause identified correctly and that my proposed resolution may not actually resolve the problem, but I am in need of some guidance either way. Thanks for taking the time to read through this. Quote Link to comment
UNRAID5 Posted August 22, 2020 Author Share Posted August 22, 2020 I tried another docker in the same br0.7 just to see how it would behave (jlesage/firefox) and same issue. Quote Link to comment
UNRAID5 Posted September 17, 2020 Author Share Posted September 17, 2020 For anyone future that may run into this. This was a pfSense config issue. I simply went into the DNS Resolver > Access Lists page and added an allow all entry. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.