Score:-1

DNS server hosted in docker


I am trying to follow a tutorial on how to set up a DNS server hosted as a Docker image.

But of course I am facing problems.

I have set up the named.conf file as below. But I am completely uncertain what IP addresses I should put; I have put my local machine (that I use to run Docker) and the default gateway IP:

acl internal {
  192.168.1.0/24;
  192.168.0.0/24;
  127.0.0.1;
  localhost;
  192.168.0.144;
};

options {
  forwarders {
    8.8.8.8;
    8.8.4.4;
  };
  allow-query { internal; };
};

zone "test.home." IN {
  type master;
  file "/etc/bind/test-home.zone";
};

Below I attach the test-home.zone file:

$TTL 2d

$ORIGIN test.home.

@           IN  SOA test.home. root.test.home. (
    202306151534    ; serial
    12h
    15m
    3w
    2h
    )

    IN  NS ns.test.home.

@           IN  NS  ns.test.home.

ns          IN  A   172.19.0.1

test-name   IN  A   192.168.0.144

With this setup, I could resolve known names with the command:

nslookup google.com 172.19.0.1

The output of the above command:

Server:  UnKnown
Address:  172.19.0.1

Non-authoritative answer:
Name:    google.com
Addresses:  2a00:1450:401b:814::200e
          142.250.203.142

But when I tried to resolve my name, it could not find a domain:

nslookup test-name.test.home 172.19.0.1

and the output:

Server:  UnKnown
Address:  172.19.0.1

*** UnKnown can't find test-name.test.home: Non-existent domain

Other details:

I run my Docker image on Ubuntu.
I use Bind9 as the DNS server.
Here is the output of the docker inspect command for the container hosting the DNS server:
 "NetworkSettings": {
    "Bridge": "",
    "SandboxID": "4b80c61e0f521afd51926708b1bfcc0fdb71a755566114af9cbe93cd0a44a462",
    "HairpinMode": false,
    "LinkLocalIPv6Address": "",
    "LinkLocalIPv6PrefixLen": 0,
    "Ports": {
        "53/tcp": [
            {
                "HostIp": "0.0.0.0",
                "HostPort": "53"
            }
        ],
        "53/udp": [
            {
                "HostIp": "0.0.0.0",
                "HostPort": "53"
            }
        ],
        "953/tcp": null
    },
    "SandboxKey": "/var/run/docker/netns/4b80c61e0f52",
    "SecondaryIPAddresses": null,
    "SecondaryIPv6Addresses": null,
    "EndpointID": "",
    "Gateway": "",
    "GlobalIPv6Address": "",
    "GlobalIPv6PrefixLen": 0,
    "IPAddress": "",
    "IPPrefixLen": 0,
    "IPv6Gateway": "",
    "MacAddress": "",
    "Networks": {
        "dns-experiments_default": {
            "IPAMConfig": null,
            "Links": null,
            "Aliases": [
                "bind9",
                "ab0859f8c64b"
            ],
            "NetworkID": "9d5d03264503be5fee52e99bc04407da0d41f87eff3b07393805bc7aa019c734",
            "EndpointID": "e8612947adc69d959dbac41abf78f8f14b7394efb5bb11a4d453e8bea745c298",
            "Gateway": "172.19.0.1",
            "IPAddress": "172.19.0.2",
            "IPPrefixLen": 16,
            "IPv6Gateway": "",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "MacAddress": "02:42:ac:13:00:02",
            "DriverOpts": null
        }
    }
}

So the question is: it does not seem to resolve my name test-name.test.home correctly. Why and how could I fix it?

Update

Per the recommendation from the comments, I tried using the IP address from my docker inspect output, but it did not work either. When executing nslookup I get only:

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
*** Request to UnKnown timed-out
HBruijn
Please use copy-paste and avoid posting screenshots of text when posting console output / settings. Format that text as "`code`" using [Markdown](https://serverfault.com/editing-help) and/or the formatting options in the edit menu to properly type-set your posts. That improves readability, attracts better answers, allows others to use copy-and-paste and allows indexing by search engines, which may help people with similar questions.
HBruijn
The problem with https://i.stack.imgur.com/nyyjc.png is that it appears that you query your gateway (based on the docker inspect output `"Gateway": "172.19.0.1"`) and that gateway is not your Bind name server; that would be the `"IPAddress": "172.19.0.2"`. Only your own name server is aware of, and authoritative for, your made-up domain.
Michał Turczyn
@HBruijn Hi and thanks for the comments, unfortunately your suggestion does not work.
Score:0

The solution was quite obvious after all.

I just ran the command

named-checkzone test.home test-home.zone

and it turned out that the zone file had two problems:

  • serial number was out of range (specifying just, as an example, 230616 worked)
  • the file did not end in newline

After fixing it I ran named-checkzone again and it returned OK, and I could successfully resolve my DNS entries.
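
The two problems from the answer can be caught before the zone is loaded. The following is an added example, not part of the original answer and not BIND's own code: a small pre-flight check for the SOA serial range (the serial is an unsigned 32-bit field, so its maximum is 4294967295) and the trailing newline. The function names `soa_serial` and `check_zone` are the example's own, and the sample zone is constructed from the one in the question.

```python
import re

MAX_SERIAL = 2**32 - 1  # SOA serial is an unsigned 32-bit field (RFC 1035)

def strip_comments(text):
    """Drop ';' comments so they cannot be mistaken for SOA fields."""
    return "\n".join(line.split(";", 1)[0] for line in text.splitlines())

def soa_serial(text):
    """Return the SOA serial as an int, or None if no SOA record is found."""
    m = re.search(r"\bSOA\s+\S+\s+\S+\s*\(?\s*(\d+)", strip_comments(text))
    return int(m.group(1)) if m else None

def check_zone(text):
    """Return a list of problems; an empty list means both checks passed."""
    problems = []
    serial = soa_serial(text)
    if serial is None:
        problems.append("no SOA serial found")
    elif serial > MAX_SERIAL:
        problems.append(f"serial {serial} out of range (max {MAX_SERIAL})")
    if not text.endswith("\n"):
        problems.append("file does not end in newline")
    return problems

# Constructed sample: the zone from the question, with no trailing newline.
BROKEN = """$TTL 2d
$ORIGIN test.home.
@           IN  SOA test.home. root.test.home. (
    202306151534    ; serial
    12h
    15m
    3w
    2h
    )
@           IN  NS  ns.test.home.
ns          IN  A   172.19.0.1
test-name   IN  A   192.168.0.144"""

# Same zone with the two fixes from the answer applied.
FIXED = BROKEN.replace("202306151534", "230616") + "\n"

if __name__ == "__main__":
    for name, zone in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, check_zone(zone) or "OK")
```

A date-plus-time serial such as 202306151534 has twelve digits and cannot fit; the common YYYYMMDDnn convention has ten digits and stays within range.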
