starred/dns-proxy-server-mageddo
1
0
Fork 0
mirror of https://github.com/mageddo/dns-proxy-server.git synced 2026-04-25 17:35:54 +03:00
Code Issues 10 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #89] Resolving container using an address from a specific network. #42

New issue
Closed
opened 2026-02-26 04:33:52 +03:00 by kerem · 8 comments
kerem commented 2026-02-26 04:33:52 +03:00
Owner
Copy link

Originally created by @wzsanders on GitHub (Oct 16, 2018).
Original GitHub issue: https://github.com/mageddo/dns-proxy-server/issues/89

The DNS server picks an IP address arbitrarily from one of two connected networks in docker compose.

To Reproduce
Steps to reproduce the behavior:

  1. Start proxy container using docker-compose.
  2. Start other container using docker-compose with two external networks.
  3. Attempt to ping the container using its host name.
  4. I can ping it, but it proxy resolves the IP address using the wrong network, (network1 instead of network2)

Expected behavior
I want it to resolve the IP using a network of choice, or override it in the web interface.
If it was resolving using an IP in network1, I want it to resolve with an IP in network2.
Example:
ping containername.{domain} (172.40.200.3) becomes (172.10.0.2)

Specs:

  • OS: Manjaro, kernel 4.19.0-1MANJARO
  • Docker Version: 18.06.1-ce
  • DPS Version: 2.7.0
Originally created by @wzsanders on GitHub (Oct 16, 2018). Original GitHub issue: https://github.com/mageddo/dns-proxy-server/issues/89 The DNS server picks an IP address arbitrarily from one of two connected networks in docker compose. **To Reproduce** Steps to reproduce the behavior: 1. Start proxy container using docker-compose. 2. Start other container using docker-compose with two external networks. 3. Attempt to ping the container using its host name. 4. I can ping it, but it proxy resolves the IP address using the wrong network, (network1 instead of network2) **Expected behavior** I want it to resolve the IP using a network of choice, or override it in the web interface. If it was resolving using an IP in network1, I want it to resolve with an IP in network2. Example: ping containername.{domain} (172.40.200.3) becomes (172.10.0.2) **Specs:** - OS: Manjaro, kernel 4.19.0-1MANJARO - Docker Version: 18.06.1-ce - DPS Version: 2.7.0
kerem 2026-02-26 04:33:52 +03:00
  • closed this issue
  • added the
    feature
         label
kerem commented 2026-02-26 04:33:52 +03:00
Author
Owner
Copy link

@mageddo commented on GitHub (Oct 16, 2018):

@wsanders99 thanks for your contribution, this really is the actual behavior. I think make user able to specify the nework can be a great feature, anyway I don't know how to expose that feature friendly, we can discuss about that.

You said about user choose the network at the graphic interface, it works, but I'm thinking if there is a better way to do that, cause if user have to choose the right network every time then it will be so tedious.

A proposal, we can add the network to hostname as a suffix, example

$ docker network create network1
$ docker network create network2
$ docker run --rm --hostname acme.com --network network1 --network network2 nginx

then you can solve your hostname as it is today

$ nslookup acme.com
Server:		13.0.0.7
Address:	13.0.0.7#53

Non-authoritative answer:
Name:	acme.com
Address: 172.25.0.2

Or you can specifcy from which network you want to solve it

nslookup acme.com.network1
Server:		13.0.0.7
Address:	13.0.0.7#53

Non-authoritative answer:
Name:	acme.com.network1
Address: 172.30.0.1
  1. What you think about that, it solves your problem?
  2. Another question: are you trying to solve that hostname from host machine or from another docker container?
<!-- gh-comment-id:430436896 --> @mageddo commented on GitHub (Oct 16, 2018): @wsanders99 thanks for your contribution, this really is the actual behavior. I think make user able to specify the nework can be a great feature, anyway I don't know how to expose that feature friendly, we can discuss about that. You said about user choose the network at the graphic interface, it works, but I'm thinking if there is a better way to do that, cause if user have to choose the right network every time then it will be so tedious. A proposal, we can add the network to hostname as a suffix, example ```bash $ docker network create network1 $ docker network create network2 $ docker run --rm --hostname acme.com --network network1 --network network2 nginx ``` then you can solve your hostname as it is today ```bash $ nslookup acme.com Server: 13.0.0.7 Address: 13.0.0.7#53 Non-authoritative answer: Name: acme.com Address: 172.25.0.2 ``` Or you can specifcy from which network you want to solve it ```bash nslookup acme.com.network1 Server: 13.0.0.7 Address: 13.0.0.7#53 Non-authoritative answer: Name: acme.com.network1 Address: 172.30.0.1 ``` 1. What you think about that, it solves your problem? 2. Another question: are you trying to solve that hostname from host machine or from another docker container?
kerem commented 2026-02-26 04:33:52 +03:00
Author
Owner
Copy link

@wzsanders commented on GitHub (Oct 17, 2018):

That would work, although it creates longer urls.

My use case is for routing to services behind a reverse proxy like traefik. These requests are coming from another container with net_admin capabilities.
It resolves correctly from the host since it can see all networks.

Since the reverse-proxy has the host name as '.acme.com' from your example
Links for services would now be in these forms, correct?

  • service1.acme.com.network1
  • service2.acme.com.network1
  • service3.acme.com.network1

I am assuming that without the suffix, it just does what it is already doing.

This solution meets the requirements for allowing the user to choose the network that it resolves from.

However, the solution I really want is to be able to set the default network, i.e without adding the suffix to the address bar (if you want to override the default network, then I think this a solution there too).

compose example

version: '3'
services:
  proxy:
    image: {proxy}
    hostname: .acme.com
    networks:
       network1:
       network2:
    labels:
       - "{dns-proxy-identifier}.network=network1"

Then it would resolve to 172.30.0.1 as it does when having network1 as the suffix in your example when using these links.

  • service1.acme.com
  • service2.acme.com
  • service3.acme.com

And to change the network after changing the default, append the suffix manually as .network2, etc.

<!-- gh-comment-id:430447734 --> @wzsanders commented on GitHub (Oct 17, 2018): That would work, although it creates longer urls. My use case is for routing to services behind a reverse proxy like traefik. These requests are coming from another container with net_admin capabilities. It resolves correctly from the host since it can see all networks. Since the reverse-proxy has the host name as '.acme.com' from your example Links for services would now be in these forms, correct? - service1.acme.com.network1 - service2.acme.com.network1 - service3.acme.com.network1 I am assuming that without the suffix, it just does what it is already doing. This solution meets the requirements for allowing the user to choose the network that it resolves from. However, the solution I really want is to be able to set the default network, i.e without adding the suffix to the address bar (if you want to override the default network, then I think this a solution there too). compose example ``` version: '3' services: proxy: image: {proxy} hostname: .acme.com networks: network1: network2: labels: - "{dns-proxy-identifier}.network=network1" ``` Then it would resolve to 172.30.0.1 as it does when having network1 as the suffix in your example when using these links. - service1.acme.com - service2.acme.com - service3.acme.com And to change the network after changing the default, append the suffix manually as .network2, etc.
kerem commented 2026-02-26 04:33:52 +03:00
Author
Owner
Copy link

@mageddo commented on GitHub (Oct 17, 2018):

Okay, I think we can build a great feature with these two options.

To make it clear for me, you proposal is that every container could set it's default network by specifying a label like {dns-proxy-identifier}.network=network1?

<!-- gh-comment-id:430449742 --> @mageddo commented on GitHub (Oct 17, 2018): Okay, I think we can build a great feature with these two options. To make it clear for me, you proposal is that every container could set it's default network by specifying a label like `{dns-proxy-identifier}.network=network1`?
kerem commented 2026-02-26 04:33:52 +03:00
Author
Owner
Copy link

@wzsanders commented on GitHub (Oct 17, 2018):

Yes, that is my proposal. I very much appreciate you looking into this.

<!-- gh-comment-id:430451513 --> @wzsanders commented on GitHub (Oct 17, 2018): Yes, that is my proposal. I very much appreciate you looking into this.
kerem commented 2026-02-26 04:33:52 +03:00
Author
Owner
Copy link

@mageddo commented on GitHub (Oct 17, 2018):

Okay, I will probably break this feature into two stories and priorize to develop the "ability to set default network on container start" first.

It's important to say and you probably already figured that out, as you are calling one container(service1) from another (reverse proxy) then both of them must be on an common network.
It's probably why you want DPS to solve container IP from another network

<!-- gh-comment-id:430453960 --> @mageddo commented on GitHub (Oct 17, 2018): Okay, I will probably break this feature into two stories and priorize to develop the "ability to set default network on container start" first. It's important to say and you probably already figured that out, as you are calling one container(service1) from another (reverse proxy) then both of them must be on an common network. It's probably why you want DPS to solve container IP from another network
kerem commented 2026-02-26 04:33:52 +03:00
Author
Owner
Copy link

@mageddo commented on GitHub (Oct 17, 2018):

@wsanders99 I just released 2.8.0 can you check it out and confirm if works for you? If yes then we can close this issue

<!-- gh-comment-id:430477526 --> @mageddo commented on GitHub (Oct 17, 2018): @wsanders99 I just released [2.8.0](https://github.com/mageddo/dns-proxy-server/releases/tag/2.8.0) can you check it out and confirm if works for you? If yes then we can close this issue
kerem commented 2026-02-26 04:33:52 +03:00
Author
Owner
Copy link

@wzsanders commented on GitHub (Oct 17, 2018):

Sorry for the delay.

I have pulled the new image and added the label dps.network={network} to my compose file.

After testing I have determined that it produces the expected behavior depending on the network set in the label.
Thank you for your quick response and implementation.

<!-- gh-comment-id:430791653 --> @wzsanders commented on GitHub (Oct 17, 2018): Sorry for the delay. I have pulled the new image and added the label `dps.network={network}` to my compose file. After testing I have determined that it produces the expected behavior depending on the network set in the label. Thank you for your quick response and implementation.
kerem commented 2026-02-26 04:33:52 +03:00
Author
Owner
Copy link

@mageddo commented on GitHub (Oct 17, 2018):

You're welcome

<!-- gh-comment-id:430793126 --> @mageddo commented on GitHub (Oct 17, 2018): You're welcome
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
gh-pages
develop
feat/138_2
feat/629
feat/594
5.9.0
5.9.0-snapshot
5.8.4
5.8.4-snapshot
5.8.3-snapshot
5.8.2-snapshot
5.8.1-snapshot
5.8.0-snapshot
5.7.0-snapshot
5.6.2-snapshot
5.6.1-snapshot
5.6.0-snapshot
5.5.1-snapshot
5.5.0-snapshot
5.4.0-snapshot
5.3.0-snapshot
5.2.0-snapshot
5.1.3-snapshot
5.1.2-snapshot
5.1.0-snapshot
5.0.5-snapshot
5.0.3-snapshot
5.0.2-snapshot
5.0.1-snapshot
5.0.0-snapshot
4.3.0-snapshot
4.2.0-snapshot
4.0.0
4.0.0-snapshot
3.32.7
3.32.7-snapshot
3.32.6
3.32.6-snapshot
3.32.5-snapshot
3.32.4
3.32.4-snapshot
3.32.3
3.32.3-snapshot
3.32.2-snapshot
3.32.1-snapshot
3.32.0-snapshot
3.31.1-snapshot
3.31.0-snapshot
3.30.5-snapshot
3.30.4
3.30.4-snapshot
3.30.3-snapshot
3.30.2-snapshot
3.30.1
3.30.1-snapshot
3.30.0-snapshot
3.29.0-snapshot
3.27.0
3.27.0-snapshot
3.26.0-snapshot
3.25.14
3.25.14-snapshot
3.25.13-snapshot
3.25.12-snapshot
3.25.11
3.25.11-snapshot
3.25.10
3.25.10-snapshot
3.25.9-snapshot
3.25.8-snapshot
3.25.7-snapshot
3.25.6-snapshot
3.25.4-snapshot
3.25.3-snapshot
3.25.2-snapshot
3.25.1-snapshot
3.25.0-snapshot
3.24.2
3.24.2-snapshot
3.24.1
3.24.1-snapshot
3.24.0-snapshot
3.23.0-snapshot
3.22.2-snapshot
3.22.3-snapshot
3.22.1-snapshot
3.21.3-snapshot
3.22.0-snapshot
3.21.2-snapshot
3.21.1-snapshot
3.20.0-snapshot
3.21.0-snapshot
3.19.7-snapshot
3.19.6-snapshot
3.19.5-snapshot
3.19.4-snapshot
3.19.3-snapshot
3.19.2-snapshot
3.19.1
3.19.1-snapshot
3.19.0
3.18.5-snapshot
3.18.4-snapshot
3.18.3-snapshot
3.18.2
3.18.2-snapshot
3.18.1-snapshot
3.18.0-snapshot
3.17.3-snapshot
3.17.2-snapshot
3.17.1-snapshot
3.17.0-snapshot
3.16.3-snapshot
3.16.2-snapshot
3.16.1-snapshot
3.16.0-snapshot
3.15.13-snapshot
3.15.12-snapshot
3.15.11-snapshot
3.15.10-snapshot
3.15.9-snapshot
3.15.8-snapshot
3.15.7-snapshot
3.15.6-snapshot
3.15.5-snapshot
3.15.4-snapshot
3.15.3-snapshot
3.15.2-snapshot
3.15.1-snapshot
3.15.0-snapshot
3.14.5
3.14.4
3.14.3
3.14.3-snapshot
3.14.2-snapshot
3.14.1-snapshot
3.14.0-snapshot
3.13.1
3.13.1-snapshot
3.13.0-snapshot
3.12.1
3.12.0
3.11.0
3.10.2-snapshot
3.10.3-snapshot
3.10.4-snapshot
3.10.5-snapshot
3.10.1-snapshot
3.9.2
3.9.1
3.9.0
3.8.1-last-version-with-quarkus
3.8.1
3.8.0
3.7.0
3.6.0
3.5.3
3.5.2
3.5.0
3.4.0-beta
3.3.0-beta
3.2.5-beta
3.2.4-beta
3.2.3-beta
3.2.2-beta
3.2.1-beta
3.2.0-beta
3.1.7-beta
3.1.6-beta
3.1.5-beta
3.1.4-beta
3.1.3-beta
3.1.2-beta
b-jre-8
3.1.1-beta
3.1.0-beta
3.0.4-beta
3.0.3-beta
3.0.2-beta
3.0.1-beta
v2-golang
2.19.5
2.19.4
2.19.3
2.19.2
2.19.1
2.19.0
2.18.7
2.18.6
2.18.5
2.18.4
2.18.3
2.18.2
2.18.1
2.18.0
2.17.4
2.17.3
2.17.2
2.17.1
2.17.0
2.16.0
2.15.0
2.14.6
2.14.5
2.14.4
2.14.2
2.14.1
2.14.0
2.13.2
2.13.1
2.13.0
2.12.0
2.11.0
2.10.4
2.10.3
2.10.2
2.10.1
2.10.0
2.9.1
2.9.0
2.8.0
2.7.0
2.6.1
2.6.0
2.5.4
2.5.3
2.5.2
2.5.1
2.5.0
2.4.1
2.4.0
2.3.3
2.2.3
2.2.2
2.2.1
2.2.0
2.1.8
2.1.7
2.1.6
2.1.5
2.1.2
2.1.1
2.1.0
2.0.21
2.0.20
2.0.19
2.0.18
2.0.17
2.0.16
2.0.9
2.0.5
2.0.4
v1-nodejs
1.8.1
1.8.0
1.7.7
1.7.6
1.7.5
1.7.4
1.7.3
1.7.2
1.7.1
1.7.0
1.6.9
1.6.8
1.6.7
1.6.6
1.6.5
1.6.4
1.6.3
1.6.2
1.6.1
1.6.0
1.5.0
1.4.0
1.3.5
1.3.4
1.3.3
1.3.2
1.3.1
1.3.0
peteris-version
1.1.4-peteris-version
1.2.0
1.1.3
1.1.2
1.1.1
1.1.0
1.0.1
1.0.0
Labels
Clear labels   
bug

   
confirmed

   
discussion

   
duplicate

   
enhancement

   
feature

   
feature-request

   
not-planned

   
pull-request

Mirrored from GitHub Pull Request

  
secondary-feature

   
stale

   
triage

   
waiting-feedback
No labels
bug
confirmed
discussion
duplicate
enhancement
feature
feature-request
not-planned
pull-request
secondary-feature
stale
triage
waiting-feedback
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/dns-proxy-server-mageddo#42
No description provided.