Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DNS resolution fails for resources behind DirectAccess #3703

Closed
chrishas35 opened this issue Dec 7, 2018 · 3 comments
Closed

DNS resolution fails for resources behind DirectAccess #3703

chrishas35 opened this issue Dec 7, 2018 · 3 comments
Labels
duplicate

Comments

@chrishas35
Copy link

  • Your Windows build number: 10.0.17134.407

  • What you're doing and what's happening: attempting to resolve DNS for a server accessible over DirectAccess does not return the IPv6 address. By adding an entry to /etc/hosts with the IP from Windows name resolution the resources is then accessible. For example, we have a GitHub Enterprise instance that lives inside the corporate network and is made accessible over DA:

Ubuntu:

$ ping github.example.corp
ping: github.example.corp: Name or service not known

Windows:

>ping github.example.corp

Pinging github.example.corp [redacted] with 32 bytes of data:
Reply from redacted: time=29ms

Back to Ubuntu:

$ cat /etc/hosts
# This file is automatically generated by WSL based on the Windows hosts file:
# %WINDIR%\System32\drivers\etc\hosts. Modifications to this file will be overwritten.
127.0.0.1       localhost
127.0.1.1       localdevicename.example.corp        localdevicename

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

redacted github.example.corp

$ ping github.example.corp
PING github.example.corp(github.example.corp (redacted)) 56 data bytes
64 bytes from github.example.corp (redacted): icmp_seq=1 ttl=253 time=30.9 ms
  • What's wrong / what should be happening instead: The initial resolution of the resource behind DirectAccess should resolve to the IPv6 address so that the internal addresses do not have to be managed individual via /etc/hosts
@therealkenc
Copy link
Collaborator

There's also no repro here, but #2082 #1350 et al.

@chrishas35
Copy link
Author

@therealkenc I agree there are likely some similarities to the other issues that have been logged, I did not see mention of DirectAccess in any issued logged today. Being that DirectAccess is a Microsoft technology baked into the OS, I suppose I have a slightly higher expectation for it to work together. Since it wasn't explicitly state anywhere I wanted to make sure the use case is captured as it seems Microsoft's own VPN technology would be just as important, if not more so, than third party VPNs. Potentially the work underway that is mentioned in other issues is expected to also accommodate DirectAccess and it's just not called out?

@colinhuckstep
Copy link

Old thread I know, but I added the IPv6 addresses that DirectAccess resolved for our internal DNS Servers to my /etc/resolv.conf file and was able to resolve internal resources then.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
duplicate
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@chrishas35 @therealkenc @colinhuckstep