Join Log in
Score:1
Johannes Hinkov avatar Server

Fedora 34 - Unable to resolve any name inside docker containers

ua flag
Johannes Hinkov

im on Fedora 34 (= host system) and i have a problem within my docker containers not resolving any domain. On the host resolution works without problems.

Here's what i tried:

  • restart & reinstall docker
  • disable firewall
  • restart machine
  • restart dns
  • different docker images
  • explicitly setting dns in docker (see below)
  • using network mode in docker (see below)
  • disabling ipv6

However, i cannot get a name resolved in any container:

~ docker run busybox nslookup google.com 
Server:     8.8.8.8
Address:    8.8.8.8:53

Non-authoritative answer:
Name:   google.com
Address: 142.251.36.174

*** Can't find google.com: No answer

As described, it works on the host:

~ nslookup google.com
Server:     127.0.0.53
Address:    127.0.0.53#53

Non-authoritative answer:
Name:   google.com
Address: 142.251.36.206
Name:   google.com
Address: 2a00:1450:4016:809::200e

What's also weird, even running with the hosts network or explicitly setting the dns doesn't help:

Tried setting with hosts dns (here it even says timed out...)

~ docker run --dns 127.0.0.53 busybox nslookup google.com
;; connection timed out; no servers could be reached

Tried with google dns:

~ docker run --dns 8.8.8.8 busybox nslookup google.com
Server:     8.8.8.8
Address:    8.8.8.8:53

Non-authoritative answer:
Name:   google.com
Address: 142.251.36.238

*** Can't find google.com: No answer

Tried with host network:

 ~ docker run --network="host" busybox nslookup google.com
Server:     8.8.8.8
Address:    8.8.8.8:53

Non-authoritative answer:
Name:   google.com
Address: 142.251.36.238

*** Can't find google.com: No answer

Im running out of ideas..anyone has a hint, what's going on here?

Additional information: It used to work, i didn't change anything on my system as far as i remember that could have an impact on that.

1083
0 + 0
Score:2
avatar Server
cn flag
hardillb

But you are getting an answer, the 2 lines after Non-authoritative answer: are the result (142.251.36.238 is a valid IP address for Google).

What you are not getting is an IPv6 answer by the look of things.

You can just run:

docker run busybox nslookup -type=A google.com

And it should just return the IP address with out the error.

I suspect that the default behaviour of nslookup in busybox might have changed to return both IPv4 and IPv6 Addresses which is why this looks to have changed.

0 + 0
Johannes Hinkov avatar
ua flag
Johannes Hinkov
Yep, this is also a right answer, thank you!
1
Reply
Score:1
jonasclaes avatar Server
ar flag
jonasclaes

Can you try running the nslookup command with a DNS server specified? As in: nslookup google.com 8.8.8.8, or in your case: docker run busybox nslookup google.com 8.8.8.8. This will help us to eliminate possible network issues in the Docker bridge.

0 + 0
Johannes Hinkov avatar
ua flag
Johannes Hinkov
Here's the output: `~ docker run busybox nslookup google.com 8.8.8.8 Server: 8.8.8.8 Address: 8.8.8.8:53 Non-authoritative answer: Name: google.com Address: 142.251.36.238 *** Can't find google.com: No answer `
1
Reply
Johannes Hinkov avatar
ua flag
Johannes Hinkov
Additional Info: I hooked up another system with a brand new fedora 34, same behaviour. Also tried different networks (home / work)
0
Reply
jonasclaes avatar
ar flag
jonasclaes
Okay, since this is still giving you an error, that means there is something really f***ed. I'm thinking about system time, is that correct?
0
Reply
jonasclaes avatar
ar flag
jonasclaes
Actually, I've found a similar issue. Could you try running `docker run busybox nslookup -type=a google.com`? Other issue: https://stackoverflow.com/questions/52663711/how-should-i-interpret-a-cant-find-from-nslookup-inside-a-docker-busybox-c
0
Reply
Johannes Hinkov avatar
ua flag
Johannes Hinkov
Yes, that worked immediatly! `~ docker run busybox nslookup -type=a google.com Server: 8.8.8.8 Address: 8.8.8.8:53 Non-authoritative answer: Name: google.com Address: 142.251.36.238 `
1
Reply
jonasclaes avatar
ar flag
jonasclaes
Okay so it's just a bug in the latest busybox version on Docker. I would like to refer you to the issue I posted 1 comment ago. I think this is solved then?
0
Reply
Johannes Hinkov avatar
ua flag
Johannes Hinkov
Yes, this helped, thank you!
0
Reply
Score:0
Jun avatar Server
cn flag
Jun

For those having the same issue on Alpine Linux, it is indeed a known bug of busybox >1.28 with IPv6 records. A workaround is installing bind-tools to get another nslookup binary :

apk update && apk add bind-tools
0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.