Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Avi DNS validation fails if using a different DNS server than system #34

Closed
carlosonunez-vmw opened this issue May 24, 2022 · 0 comments
Closed

Avi DNS validation fails if using a different DNS server than system #34

carlosonunez-vmw opened this issue May 24, 2022 · 0 comments
Labels
feature/enhancement New feature or enhancement request investigating Label to be used for investigation state module_API Label for API module issues

Comments

@carlosonunez-vmw
Copy link
Contributor

carlosonunez-vmw commented May 24, 2022
edited

What happened?

The Arcas UI fails to validate Avi FQDNs if the records are not present on the system's DNS server regardless of whether a custom DNS server is provided or not.

How to reproduce

  1. install dnsmasq on the SIVT appliance (yum -y install dnsmasq)
  2. Add the following to /etc/dnsmasq.conf:
listen-address=127.0.0.1,::1,10.220.3.251
server=8.8.8.8
server=8.8.4.4
address=/avi-01.tkg.local/172.16.10.10
address=/avi-02.tkg.local/172.16.10.28
address=/avi-03.tkg.local/172.16.10.29
address=/avi-cluster.tkg.local/172.16.10.30
interface=eth0
expand-hosts
domain=tkg.local
  1. Add this line to /etc/systemd/resolved.conf:
DNSStubListener=no
  1. Restart dnsmasq and systemd-resolved: systemctl restart systemd-resolved dnsmasq
  2. Confirm that avi-01.tkg.local is resolvable locally:
dig @127.0.0.1 avi-01.tkg.local +short
172.16.10.10
  1. Confirm that avi-01.tkg.local is NOT resolvable by your system's resolver:
dig avi-01.tkg.local +short
  1. Start the Service Installer UI.
  2. Set the DNS server to 127.0.0.1
  3. Add Avi records as shown in the dnsmasq.conf file above

What should happen?

Validation should pass

What actually happens?

Validation hangs for a few seconds then fails.

Additional notes

  • This is happening because you need to append an @ before your DNS server in the line here.
carlosonunez-vmw added a commit to carlosonunez-vmw/service-installer-for-vmware-tanzu that referenced this issue May 24, 2022
@carlosonunez-vmw
vmware-tanzu#34: tell dig that dns_server is DNS server
e0cd9f0 
fixes vmware-tanzu#34
@carlosonunez-vmw carlosonunez-vmw mentioned this issue May 24, 2022
Merged
carlosonunez-vmw added a commit to carlosonunez-vmw/service-installer-for-vmware-tanzu that referenced this issue May 24, 2022
@carlosonunez-vmw
fixes vmware-tanzu#34
baf59de 
Signed-Off-By: Carlos Nunez <ncarlos@vmware.com>
@carlosonunez-vmw carlosonunez-vmw mentioned this issue May 25, 2022
Closed
carlosonunez-vmw added a commit to carlosonunez-vmw/service-installer-for-vmware-tanzu that referenced this issue May 26, 2022
@carlosonunez-vmw
fixes vmware-tanzu#34
42c2f3c 
Signed-Off-By: Carlos Nunez <ncarlos@vmware.com>
@rashikwal rashikwal added feature/enhancement New feature or enhancement request investigating Label to be used for investigation state module_API Label for API module issues labels May 31, 2022
carlosonunez-vmw added a commit to carlosonunez-vmw/service-installer-for-vmware-tanzu that referenced this issue May 31, 2022
@carlosonunez-vmw
fixes vmware-tanzu#34
bfc3c4e 
Signed-Off-By: Carlos Nunez <ncarlos@vmware.com>
tasmiya-bano pushed a commit that referenced this issue Jul 22, 2022
@carlosonunez-vmw
fixes #34 (#35)
bc684ed 
Signed-Off-By: Carlos Nunez <ncarlos@vmware.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature/enhancement New feature or enhancement request investigating Label to be used for investigation state module_API Label for API module issues
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rashikwal @carlosonunez-vmw