From nobody Sat Aug 10 16:11:22 2024 X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wh5Pn73yMz5SShr for ; Sat, 10 Aug 2024 16:11:41 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (pdx.rh.CN85.dnsmgr.net [65.75.216.6]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wh5Pm6V5qz4Vnx for ; Sat, 10 Aug 2024 16:11:40 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=gndrsh.dnsmgr.net; spf=pass (mx1.freebsd.org: domain of freebsd-rwg@gndrsh.dnsmgr.net designates 65.75.216.6 as permitted sender) smtp.mailfrom=freebsd-rwg@gndrsh.dnsmgr.net Received: from gndrsh.dnsmgr.net (localhost [127.0.0.1]) by gndrsh.dnsmgr.net (8.13.3/8.13.3) with ESMTP id 47AGBNaU065738; Sat, 10 Aug 2024 09:11:23 -0700 (PDT) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: (from freebsd-rwg@localhost) by gndrsh.dnsmgr.net (8.13.3/8.13.3/Submit) id 47AGBMV4065737; Sat, 10 Aug 2024 09:11:22 -0700 (PDT) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <202408101611.47AGBMV4065737@gndrsh.dnsmgr.net> Subject: Re: Diagnosing virtual machine network issues In-Reply-To: <4129CE13-5B1A-4E2E-A9C4-7A0162D1E5CC@comcast.net> To: Alex Arslan Date: Sat, 10 Aug 2024 09:11:22 -0700 (PDT) CC: Bakul Shah , FreeBSD Hackers X-Mailer: ELM [version 2.4ME+ PL121h (25)] List-Id: Technical discussions relating to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-hackers List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-hackers@FreeBSD.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.79 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.99)[-0.986]; DMARC_POLICY_ALLOW(-0.50)[gndrsh.dnsmgr.net,none]; R_SPF_ALLOW(-0.20)[+ip4:65.75.216.0/23:c]; MIME_GOOD(-0.10)[text/plain]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; FREEMAIL_TO(0.00)[comcast.net]; ASN(0.00)[asn:10494, ipnet:65.75.216.0/23, country:US]; R_DKIM_NA(0.00)[]; MLMMJ_DEST(0.00)[freebsd-hackers@FreeBSD.org]; RCVD_TLS_LAST(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_COUNT_TWO(0.00)[2]; TO_DN_ALL(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCPT_COUNT_THREE(0.00)[3] X-Rspamd-Queue-Id: 4Wh5Pm6V5qz4Vnx > > > > On Aug 2, 2024, at 5:58?PM, Bakul Shah wrote: > > > > On Aug 2, 2024, at 3:52?PM, Alex Arslan wrote: > >> > >>> Just a comment and a name server line: > >>> > >>> $ cat /etc/resolv.conf > >>> # Generated by resolvconf > >>> nameserver 192.168.122.1 > >> > >> I believe that is the host IP, so I guess the VM is using the host for DNS > >> resolution? Interestingly, if I add `nameserver 8.8.8.8` below the line > >> with the host IP, it takes 10 seconds rather than 30 to reach the expected > >> domain resolution failure. If I put 8.8.8.8 above the host IP, the domain > >> resolution failure is instantaneous. > > > > What does your host use as a namesever? > > The nameserver is 127.0.0.53. It sets options edns0 and trust-ad, and > includes a search entry as well. First, is that a typo and you mean 127.0.0.1:53? Second, is that name server locked to 127.0.0.1, or is it actually listinging on *:53? If it is LOCKED you have no name server running on 192.168.122.1 to be reached by the VM, if it is NOT locked can the guest ping 192.168.122.1, and can it reach dns at that IP on port 53? Can the host send a packet BACK to the guest? Third you can "fix" the "nameserver 192.168.122.1" entry in /etc/resolv.conf by configuring the DHCP server that handed out the lease to the VM to send a namserver entry of 8.8.8.8. > > > > >> Not a particularly satisfying conclusion to this saga as I don't understand > >> why it's happening but at least I have a workaround that should hopefully > >> do the job. I really appreciate everyone's help and input thus far! > >> > >> What's the best way to add `nameserver 8.8.8.8` to /etc/resolv.conf as > >> part of the VM's configuration? > > > > You should diagnose the problem of the nameserver at 192.168.122.1 > > and fix it to act properly. I don't use vm (just bhyve) so can't help > > you with its config. > > I do still plan to try to figure out what the actual issue is, but I also > now have a path forward in the meantime. :) > > -- Rod Grimes rgrimes@freebsd.org