Date: Tue, 13 Aug 2024 09:15:05 -0700 From: Bakul Shah <bakul@iitbombay.org> To: Alex Arslan <ararslan@comcast.net> Cc: "Rodney W. Grimes" <freebsd-rwg@gndrsh.dnsmgr.net>, FreeBSD Hackers <freebsd-hackers@freebsd.org> Subject: Re: Diagnosing virtual machine network issues Message-ID: <C2D17751-17A9-4429-91ED-5E60B471B22F@iitbombay.org> In-Reply-To: <607068B0-E531-4D7F-8B61-923EE5DC443D@comcast.net>
index | next in thread | previous in thread | raw e-mail
<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div dir="ltr"></div><div dir="ltr"><div style="display: block;" class="">This weird 127. address seems like a systemd feature/bug thing: <a href="https://unix.stackexchange.com/questions/612416/why-does-etc-resolv-conf-point-at-127-0-0-53">https://unix.stackexchange.com/questions/612416/why-does-etc-resolv-conf-point-at-127-0-0-53</a></div><div style="display: block;" class=""><br></div><div style="display: block;" class="">This behavior seems like some strange interaction between systemd assumptions and freebsd’s, or something not being set up quite right on the linux side when the vm is running freebsd. </div><div style="display: block;" class=""><br></div></div><div dir="ltr"><blockquote type="cite">On Aug 13, 2024, at 8:46 AM, Alex Arslan <ararslan@comcast.net> wrote:<br><br></blockquote></div><blockquote type="cite"><div dir="ltr"><meta http-equiv="content-type" content="text/html; charset=utf-8"><div dir="auto" style="overflow-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;">Hi Rodney,<br id="lineBreakAtBeginningOfMessage"><div><br><blockquote type="cite"><div>On Aug 10, 2024, at 9:11 AM, Rodney W. Grimes <freebsd-rwg@gndrsh.dnsmgr.net> wrote:</div><br class="Apple-interchange-newline"><div><meta charset="UTF-8"><blockquote type="cite" style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;"><br><br><blockquote type="cite">On Aug 2, 2024, at 5:58?PM, Bakul Shah <bakul@iitbombay.org> wrote:<br><br>On Aug 2, 2024, at 3:52?PM, Alex Arslan <ararslan@comcast.net> wrote:<br><blockquote type="cite"><br><blockquote type="cite">Just a comment and a name server line:<br><br>$ cat /etc/resolv.conf<br># Generated by resolvconf<br>nameserver 192.168.122.1<br></blockquote><br>I believe that is the host IP, so I guess the VM is using the host for DNS<br>resolution? Interestingly, if I add `nameserver 8.8.8.8` below the line<br>with the host IP, it takes 10 seconds rather than 30 to reach the expected<br>domain resolution failure. If I put 8.8.8.8 above the host IP, the domain<br>resolution failure is instantaneous.<br></blockquote><br>What does your host use as a namesever?<br></blockquote><br>The nameserver is 127.0.0.53. It sets options edns0 and trust-ad, and<br>includes a search entry as well.<br></blockquote><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;"><span style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;">First, is that a typo and you mean 127.0.0.1:53?</span><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;"></div></blockquote><div><br></div><div><div>No, the host's /etc/resolv.conf has `nameserver 127.0.0.53`, I just went</div><div>back and rechecked to be sure.</div></div><br><blockquote type="cite"><div><span style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;">Second, is that name server locked to 127.0.0.1, or is it</span><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;"><span style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;">actually listinging on *:53? If it is LOCKED you have no name server</span><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;"><span style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;">running on 192.168.122.1 to be reached by the VM, if it is NOT locked</span><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;"><span style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;">can the guest ping 192.168.122.1, and can it reach dns at that IP on</span><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;"><span style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;">port 53? Can the host send a packet BACK to the guest?</span><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;"></div></blockquote><div><div><br></div><div>I apologize but I don't really know enough about these things to know how</div><div>to answer your question. I did post the output of tcpdump on the VM and</div><div>the host a while back but that was for the invalid request, so that</div><div>probably doesn't capture what you're describing.</div></div><br><blockquote type="cite"><div><span style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;">Third you can "fix" the "nameserver 192.168.122.1" entry in /etc/resolv.conf</span><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;"><span style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;">by configuring the DHCP server that handed out the lease to the VM to send</span><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;"><span style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;">a namserver entry of 8.8.8.8.</span><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;"></div></blockquote><div><br></div><div>If I understand correctly, that is indeed what we've done as a Band-Aid fix</div><div>for the time being: I added the line `prepend_nameservers=8.8.8.8` to</div><div>/etc/resolvconf.conf.</div><br><blockquote type="cite"><div><blockquote type="cite" style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;"><br><blockquote type="cite"><br><blockquote type="cite">Not a particularly satisfying conclusion to this saga as I don't understand<br>why it's happening but at least I have a workaround that should hopefully<br>do the job. I really appreciate everyone's help and input thus far!<br><br>What's the best way to add `nameserver 8.8.8.8` to /etc/resolv.conf as<br>part of the VM's configuration?<br></blockquote><br>You should diagnose the problem of the nameserver at 192.168.122.1<br>and fix it to act properly. I don't use vm (just bhyve) so can't help<br>you with its config.<br></blockquote><br>I do still plan to try to figure out what the actual issue is, but I also<br>now have a path forward in the meantime. :)<br><br><br></blockquote><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;"><span style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;">--<span class="Apple-converted-space"> </span></span><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;"><span style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;">Rod Grimes </span><a href="mailto:rgrimes@freebsd.org" style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;">rgrimes@freebsd.org</a></div></blockquote></div><br></div></div></blockquote></body></html>help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C2D17751-17A9-4429-91ED-5E60B471B22F>