-
Notifications
You must be signed in to change notification settings - Fork 120
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
While on VPN, moby can't resolve private DNS #997
Comments
It should work, we are relying on |
FWIW,
|
But even if I reboot moby while on VPN, the actual
|
@djs55 any thoughts? |
Sorry for the delay in getting back to you. The Looking at the bug report I think the following sequence happened:
I suspect we've misinterpreted the contents of the SC database. It looks like your global/default DNS server is
Could you confirm for me that
I'll investigate further. Thanks for the bug report! |
No worries about delay whatsoever, thanks for looking into it! Yes,
|
Just to be sure we're on the same page here: |
Maybe as a workaround, will be nice to edit What a shame D4M is not working in professionnal environment ;-( (I mean with VPN, custom registry etc...) |
I'm hoping to work on improved VPN support over the next few betas... this is one of the issues I'm hoping to fix. Thanks everyone for your patience so far! |
Sure no problem! I guess you guys have a ton of work to do + manage huge community, maybe a minimalist web UI to indicate whats going on / road-map could help and prevent spam.. Do you know any good workaround or tutorial? was thinking about running a DNS (via Docker) on the machine |
@ebuildy Run |
@djs55 Feel free to use me as a guinea pig for SSL-based VPN if you want to verify whether fix works in this particular case :) |
thanks @favoretti , this is what I am doing already, at home. But I manage also a team of 12 french devs (using windows, mac & linux), so I am searching for a very clean solution without any hacks to do. I do already same issue to setup NFS share, this is crucial for pro. adoption. At least, if Docker team could blog something about these small hacks, this could help a lot people to trust and adopt Docker at work. |
I've merged a potential fix for this into the master branch, which should be released as part of beta 37, due in a couple of weeks. Sorry for the delay -- I'll ping you again when there's something you can test. |
Great to hear! As a workaround, If we can configure daemon.json to setup a DNS it's ok, (for now, we cannot with the stable release) /: Is windows version have the same problem? Thanks you, |
As Docker 1.13 was released, this has become critical. Is there a way to cherry-pick this fix to the stable version? There's no way to go back to Docker 1.12. |
The fix is in the master branch, which is due for release in the beta branch next week in beta 39 (hopefully). Once it has been in the beta for a week, it's a candidate for cherry-picking into the next stable update. We want to be very careful with stable updates. If you want to experiment in the meantime, try following the instructions in this comment: #1103 (comment) -- the newer build of the networking component should be compatible with the stable release (although I've not tested it). Take a backup of the file before you replace it. Normally we don't recommend this kind of hybrid configuration, but if you're blocked then it's worth a shot. If you try it and it doesn't work, please upload fresh diagnostics and ping me -- there's still time to fix bugs before the next beta release. |
I'd like to add my experience with this so far as additional info in case it's useful. I started experiencing this last night while on VPN using a beta32 (? i don't remember the exact version) and attempting to both push to and re-authenticate to my private registry . It just suddenly started responding with no such host messages after having been on VPN for a while and everything working without issue. I'm currently in the building, not on VPN, and have upgraded to 1.13.0-beta38 (15084), but I still experience this issue. Applying the slirp and restarting didn't have any noticeable effect.
|
I had the same issue after an upgrade to 1.13. Subsequently upgraded to 1.13.0-beta38. Same problem. Followed the instructions at #1103 (comment). That resolved the issue for me. I'm using Cisco AnyConnect for access to a private data center. |
I also primarily use Cisco AnyConnect for VPN. When this started happening last night I created a VPN configuration via Network Preferences. It worked for a short while and then went back to |
With new D4M 1.13, it looks ok ! good job guys, such a good new. I use Viscosity as VPN client with split DNS. |
Thank you guys! Works with my F5 SSL VPN as well! |
Great! I will close this. We understand that there may be other VPN related issues still in different setups, but we hope this now works for most people. If you still have issues please open a new issue for the specific problem. |
Is there a webpage listing d4m beta release history? |
this is worse with Cisco any connect |
Closed issues are locked after 30 days of inactivity. If you have found a problem that seems similar to this, please open a new issue. Send feedback to Docker Community Slack channels #docker-for-mac or #docker-for-windows. |
Expected behavior
Moby should use the
/etc/resolv.conf
of the host machineActual behavior
It doesn't :)
Unless I log in to moby and put private DNS server ahead of 192.168.65.* block.
Information
1502FA18-9B27-4FE6-BE34-C318CB0BA4A5
Steps to reproduce the behavior
/etc/resolv.conf
docker login -u vlazarenko@ebay.com -p somethingfake https://registry.ecg.so/v1/
Error response from daemon: Get https://registry.ecg.so/v1/users/: dial tcp: lookup registry.ecg.so on 192.168.65.1:53: no such host
The text was updated successfully, but these errors were encountered: