[GH-ISSUE #70] DNS resolution from inside of container #30

Closed
opened 2026-02-26 04:33:49 +03:00 by kerem · 6 comments

Originally created by @ps1x on GitHub (May 17, 2018).
Original GitHub issue: https://github.com/mageddo/dns-proxy-server/issues/70

Whenever I start dns-proxy-server with the command provided, DNS resolution from inside of other containers stops immediately. What can I do here?

UPD: repeating the same in a clean VirtualBox machine, I cannot reproduce it; however, a new problem arises:
I cannot resolve container A's hostname from inside of container B.

UPD2: adding this line to /etc/default/docker and restarting the docker service changed things; now I am able to resolve docker hostnames, but not external (internet) hostnames like google.
`DOCKER_OPTS="--dns 172.2.0.10 --dns 8.8.8.8"`
Where 172.2.0.10 is the IP of the image with dns-proxy-server.

kerem closed this issue 2026-02-26 04:33:49 +03:00

@mageddo commented on GitHub (May 17, 2018):

@ps1x

> Whenever I start dns-proxy-server with the command provided, DNS resolution from inside of other containers stops immediately

Containers that are already running or new containers?

* Are you using docker-compose to start your containers?
* Can you provide the full log after simulating the issue?

Regards

@ps1x commented on GitHub (May 17, 2018):

Yes, I'm using docker-compose for dns-proxy-server and for my projects. Docker-compose file for dns-proxy-server:

```yaml
version: '3.1'

services:
  dns-resolver:
    image: defreitas/dns-proxy-server
    restart: always
    ports:
      - 5380
    volumes:
      - /opt/dns-proxy-server/conf:/app/conf
      - /var/run/docker.sock:/var/run/docker.sock
      - /etc/resolv.conf:/etc/resolv.conf

networks:
  shared:
    driver: bridge
    ipam:
      config:
        - subnet: 172.2.0.0/16
```

First I attach to the running container and within bash I try to ping google.com (ends with a DNS timeout), then the hostname which was defined in an environment variable of another container, "test.lol", which succeeds. Then I exit the container and run the same commands from the host machine. Both work.

[log.txt](https://github.com/mageddo/dns-proxy-server/files/2013395/log.txt)


@mageddo commented on GitHub (May 18, 2018):

Actually DPS has a limitation aside Docker: DPS must be started before all containers; containers that start before it won't use DPS as the default DNS.

```yaml
version: '3.1'

services:
  dns-resolver:
    image: defreitas/dns-proxy-server:2.5.1
    restart: always
    ports:
      - 5380
    hostname: dns.mageddo.intranet
    container_name: dns-resolver
    volumes:
      - /opt/dns-proxy-server/conf:/app/conf
      - /var/run/docker.sock:/var/run/docker.sock
      - /etc/resolv.conf:/etc/resolv.conf
    networks:
      - shared

  linux-1:
    image: alpine:3.7
    command: sh -c 'apk add --update curl iputils bind-tools && tail -f /dev/null'
    container_name: linux-1
    networks:
      - shared

networks:
  shared:
    driver: bridge
    ipam:
      config:
        - subnet: 172.2.0.0/16
```

Simulating the issue

```bash
$ docker-compose up linux-1
$ docker-compose up dns-resolver

$ docker exec -it linux-1 ping dns.mageddo.intranet
ping: unknown host dns.mageddo.intranet
$ docker exec -it linux-1 ping google.com
PING google.com (172.217.29.174) 56(84) bytes of data.
64 bytes from gru10s02-in-f14.1e100.net (172.217.29.174): icmp_seq=1 ttl=48 time=13.1 ms
```

Starting DPS first doesn't have any issues

```bash
$ docker-compose up dns-resolver
$ docker-compose up linux-1

$ docker exec -it linux-1 ping dns.mageddo.intranet
PING dns.mageddo.intranet (172.2.0.2) 56(84) bytes of data.
64 bytes from dns-resolver.tmp_shared (172.2.0.2): icmp_seq=1 ttl=64 time=0.089 ms
$ docker exec -it linux-1 ping google.com
PING google.com (172.217.29.206) 56(84) bytes of data.
64 bytes from gru10s03-in-f206.1e100.net (172.217.29.206): icmp_seq=1 ttl=48 time=12.2 ms
```

**Workaround**

A possible workaround is to have all containers mount `/etc/resolv.conf` as read-only; as soon as DPS starts, DNS resolution will start to work.

```yaml
version: '3.1'

services:
  dns-resolver:
    image: defreitas/dns-proxy-server:2.5.1
    restart: always
    ports:
      - 5380
    hostname: dns.mageddo.intranet
    container_name: dns-resolver
    volumes:
      - /opt/dns-proxy-server/conf:/app/conf
      - /var/run/docker.sock:/var/run/docker.sock
      - /etc/resolv.conf:/etc/resolv.conf
    networks:
      - shared

  linux-1:
    image: alpine:3.7
    command: sh -c 'apk add --update curl iputils bind-tools && tail -f /dev/null'
    container_name: linux-1
    restart: unless-stopped
    volumes:
      - /etc/resolv.conf:/etc/resolv.conf:ro
    networks:
      - shared

networks:
  shared:
    driver: bridge
    ipam:
      config:
        - subnet: 172.2.0.0/16
```

```bash
$ docker-compose up linux-1
fetch http://dl-cdn.alpinelinux.org/alpine/v3.7/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.7/community/x86_64/APKINDEX.tar.gz
ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.7/main: temporary error (try again later)

$ docker-compose up dns-resolver

$ docker exec linux-1 ping google.com
PING google.com (172.217.30.78): 56 data bytes
64 bytes from 172.217.30.78: seq=0 ttl=50 time=10.658 ms

$ docker exec linux-1 ping dns.mageddo.intranet
PING dns.mageddo.intranet (172.2.0.3) 56(84) bytes of data.
64 bytes from 172-2-0-3.lightspeed.dybhfl.sbcglobal.net (172.2.0.3): icmp_seq=1 ttl=64 time=0.193 ms
```

My /etc/default/docker is the default

```
# Docker Upstart and SysVinit configuration file

#
# THIS FILE DOES NOT APPLY TO SYSTEMD
#
#   Please see the documentation for "systemd drop-ins":
#   https://docs.docker.com/engine/admin/systemd/
#

# Customize location of Docker binary (especially for development testing).
#DOCKERD="/usr/local/bin/dockerd"

# Use DOCKER_OPTS to modify the daemon startup options.
#DOCKER_OPTS="--dns 8.8.8.8 --dns 8.8.4.4"

# If you need Docker to use an HTTP proxy, it can also be specified here.
#export http_proxy="http://127.0.0.1:3128/"

# This is also a handy place to tweak where Docker's temporary files go.
#export DOCKER_TMPDIR="/mnt/bigdrive/docker-tmp"
```
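
Editor's added example (not part of the thread and not dns-proxy-server code): a small check of which resolver a container's `/etc/resolv.conf` actually points at, to tell the start-order cases above apart. It assumes DPS shows up as a `nameserver` entry when it is in use; `172.2.0.2` is taken from the ping output above, the sample file contents are constructed, and `classify_resolver` / `check_container` are hypothetical names.

```shell
#!/bin/sh
# Added example; function names and sample data are constructed for illustration.

# classify_resolver DPS_IP   (resolv.conf text on stdin) prints one of:
#   dps-first        DPS is the first nameserver
#   dps-listed       DPS is listed but not first; whether it is consulted
#                    depends on the resolver library in the container
#   docker-embedded  only Docker's embedded DNS (127.0.0.11) is visible; the
#                    upstream it forwards to cannot be read from this file
#   no-dps           DPS is absent from the file
classify_resolver() {
  awk -v dps="$1" '
    # Commented-out entries have "#" as (part of) field 1 and are skipped.
    $1 == "nameserver" && $2 != "" {
      n++
      if ($2 == dps && !pos) pos = n
      if ($2 == "127.0.0.11") embedded = 1
    }
    END {
      if (pos == 1)      print "dps-first"
      else if (pos > 1)  print "dps-listed"
      else if (embedded) print "docker-embedded"
      else               print "no-dps"
    }'
}

# Live use (needs Docker; not called by the demo below):
#   check_container linux-1 172.2.0.2
check_container() {
  docker exec "$1" cat /etc/resolv.conf | classify_resolver "$2"
}

# Constructed sample files, one per situation.
DPS_IP=172.2.0.2
sample_stale='# copied into the container before DPS was running
nameserver 8.8.8.8
nameserver 8.8.4.4'
sample_mounted='nameserver 172.2.0.2
# nameserver 8.8.8.8'
sample_embedded='nameserver 127.0.0.11
options ndots:0'

for sample in "$sample_stale" "$sample_mounted" "$sample_embedded"; do
  printf '%s\n' "$sample" | classify_resolver "$DPS_IP"
done
```

A `docker-embedded` result is expected on user-defined networks such as `shared` unless the file is bind-mounted as in the workaround, so in that case test resolution itself rather than relying on the file.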

@ps1x commented on GitHub (May 18, 2018):

Thanks for the quick answer!

@mageddo commented on GitHub (May 18, 2018):

You're welcome. Did it work for you?

@ps1x commented on GitHub (Jun 6, 2018):

Yes. Thanks again.