UDP DNS requests fail in Docker container

I have two containers in a bridged network: one of these is a bind container and the second is a Kali Linux for testing my network issue, and a bind server whose port 53 is used in UDP and TCP.

If I use a custom IP in my resolv.conf (172.17.0.2), all is OK, but if I use the IP of my container server (192.168.0.32), the UDP request fails.

I don't understand why, because my bind container has port 53 bound to the container server.

I have two containers in a bridged network:

# docker inspect network bridge

"Containers": {
"d8482b24584fb287c2d91ba43f4c33edb2399fe6ac057ac2c4a26c485a6f0c19": {
"Name": "kali",
"EndpointID": "bc7296fa365d362ec50374feef991168fbe4d76ca7ff8c880446c5a7b5328e62",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
},
"eb038953140d3bb3834d29fbce080d5b0dc7cf6e58c363c3de8b0ce9156f3a29": {
"Name": "bind9",
"EndpointID": "12f59dfad9fd7380d2777af76308d10a192a5a14272e4ae099a6e4fdd2422282",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}

docker container ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d8482b24584f kalilinux/kali-rolling "bash" 3 hours ago Up About a minute kali
eb038953140d named:latest "/usr/sbin/named -f …" 3 hours ago Up 3 hours 0.0.0.0:53->53/tcp, 0.0.0.0:53->53/udp, 127.0.0.1:953->953/tcp bind9

The Kali Linux has my container server as resolver:

┌──(root㉿d8482b24584f)-[/]
└─# cat /etc/resolv.conf

# Generated by NetworkManager
search rj46 home
nameserver 192.168.0.32

When I do a dig request in UDP from my Kali server, I have a timeout:

┌──(root㉿d8482b24584f)-[/]
└─# dig @192.168.0.32 domain
;; communications error to 192.168.0.32#53: timed out

When I do the same but in TCP, I have an answer:

┌──(root㉿d8482b24584f)-[/]
└─# dig @192.168.0.32 +tcp domain

; <<>> DiG 9.18.8-1-Debian <<>> @192.168.0.32 +tcp domain
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24656
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 0f1e0a3fb347a22b01000000636bdb0ce3cfabd139bd1a0e (good)
;; QUESTION SECTION:
emzm5pam37e4.wpeproxy.com. 251 IN A 141.193.213.20
emzm5pam37e4.wpeproxy.com. 251 IN A 141.193.213.21

;; Query time: 1 msec
;; SERVER: 192.168.0.32#53(192.168.0.32) (TCP)
;; WHEN: Wed Nov 09 16:53:32 UTC 2022
;; MSG SIZE rcvd: 142

I don't understand why I have a timeout in UDP.

If I do a tcpdump, I have this issue:

7:36:45.580182 IP 172.17.0.5 > 172.17.0.1: ICMP 172.17.0.5 udp port 44520 unreachable, length 123

Any idea?
