From owner-freebsd-net@FreeBSD.ORG Mon Dec 11 00:46:12 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 18B4E16A4A0 for ; Mon, 11 Dec 2006 00:46:12 +0000 (UTC) (envelope-from edwin@mavetju.org) Received: from mail4out.barnet.com.au (mail4.barnet.com.au [202.83.178.125]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0F85043D9B for ; Mon, 11 Dec 2006 00:42:53 +0000 (GMT) (envelope-from edwin@mavetju.org) Received: by mail4out.barnet.com.au (Postfix, from userid 1001) id B984F37BAE4; Mon, 11 Dec 2006 11:44:04 +1100 (EST) X-Viruscan-Id: <457CA9D4000149ECE70DBB@BarNet> Received: from mail4auth.barnet.com.au (mail4.barnet.com.au [202.83.178.125]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mail4.barnet.com.au (Postfix) with ESMTP id 8944442250A for ; Mon, 11 Dec 2006 11:44:04 +1100 (EST) Received: from k7.mavetju (k7.mavetju.org [10.251.1.18]) by mail4auth.barnet.com.au (Postfix) with ESMTP id 43E7D37BAFD for ; Mon, 11 Dec 2006 11:44:04 +1100 (EST) Received: by k7.mavetju (Postfix, from userid 1001) id E4AA212D; Mon, 11 Dec 2006 11:44:03 +1100 (EST) Date: Mon, 11 Dec 2006 11:44:03 +1100 From: Edwin Groothuis To: freebsd-net@freebsd.org Message-ID: <20061211004403.GA90167@k7.mavetju> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.1i Subject: resolver inside a jail X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Dec 2006 00:46:12 -0000 I am not sure if this is the right group for it, but I think that this one is a good first step. Please see http://weblog.barnet.com.au/edwin/000153.html: /etc/resolv.conf in jails I have been plagued by this error in some of my jails for a long time: $ dig foo.bar ;; reply from unexpected source: 202.83.178.125#53, expected 127.0.0.1#53 telnet itself works fine, it's just that dig and friends give this strange error. What is also strange is that the tcpdump output doesn't reflect the settings in /etc/resolv.conf: $ cat /etc/resolv.conf search barnet.com.au server 202.83.176.1 # tcpdump -ni lo0 port 53 11:28:45.204241 IP 202.83.178.125.57276 > 202.83.178.125.53: 15750 A? www.ibm.com. (29) 11:28:45.218305 IP 202.83.178.125.53 > 202.83.178.125.57276: 15750- 0/4/4 (203) Of course this was a configuration issue. In /etc/resolv.conf, the right statement is nameserver, not server. But the resolver in the jail looked through the /etc/resolv.conf of the host which contains 127.0.0.1. But the final question is: Where does it get 202.83.178.125 from? It is the IP address of the jail, to which 127.0.0.1 silently gets translated to. But the resolver still expects it to come from the 127.0.0.1 number, and is for that reason throwing the warning. Is this something I should open a bug report for? Edwin -- Edwin Groothuis | Personal website: http://www.mavetju.org edwin@mavetju.org | Weblog: http://weblog.barnet.com.au/edwin/