
I'm trying to set up Pi-hole in a Docker container (on a Raspberry Pi) and, as such, have my DNS on my IP: 192.160.170.10. The Docker container runs the DNS and exposes its port 53, where the DNS is available.

When running `iplookup google.com` on the host, I get the correct output:

```
Server:         192.160.170.10
Address:        192.160.170.10#53
Non-authoritative answer:
Name:   google.com
Address: 172.217.16.78
```

My resolv.conf also contains this address. When running a Docker container, I am unable to do this nslookup, however:

`docker run busybox nslookup google.com` outputs:

```
;; connection timed out; no servers could be reached
```

Following this tutorial, I've tried specifying the DNS with the following command:

```
docker run --dns 192.160.170.10 busybox nslookup google.com
```

but this also does not solve the problem. I've also tried adding the DNS to /etc/docker/daemon.json, which also does nothing. The Docker container's resolv.conf output is: `nameserver 192.160.170.10`

What is wrong with my configuration / How can I further debug this DNS issue?

Edit: output from `docker run --rm --net=host busybox nslookup google.com`:

```
Server:        192.160.170.10
Address:       192.160.170.10:53

Non-authoritative answer:
Name:   google.com
Address: 172.217.16.78

*** Can't find google.com: No answer
```
fogx
  • Have you tried with a DNS that surely resolves google.com (`docker run --rm --dns 8.8.8.8 busybox nslookup google.com`)? If this still does not work, you may try to ping or telnet the nameserver to check if it is reachable. _;; connection timed out; no servers could be reached_ suggests that the resolver is not reachable. You may try to reset everything: https://stackoverflow.com/a/20431030/13736525 – Neo Anderson Sep 02 '20 at 17:42
  • I can `ping 8.8.8.8` from the container, but I can't connect with `--dns 8.8.8.8 nslookup google.com`. Since I'm on a Raspberry Pi, I can't use the link to reset my network. I've already tried it with a docker system prune though. I can also `ping google.com` though and it will resolve (but nslookup won't work) – fogx Sep 02 '20 at 18:33
  • Just out of curiosity, can you try to run `docker run --rm --net=host busybox nslookup google.com`? – Neo Anderson Sep 02 '20 at 18:37
  • I've added the command and response to the answer (because formatting). – fogx Sep 02 '20 at 18:38
  • I guess the problem is in the docker-bridge network (perhaps in the iptables rules that should do the translation from the docker-bridge outside and vice versa). If you are running the container directly on the host network (Raspberry), it looks fine. Perhaps 53 is blocked somehow. Not easy to reproduce – Neo Anderson Sep 02 '20 at 18:43
  • Do you have any ideas on how I can test this? I'm confused as to why I get the output `can't find google.com: no answer` with `--net=host` – fogx Sep 02 '20 at 19:45
  • Seems that busybox has a problem with IPv6. Try `docker run -ti --rm --net=host alpine nslookup google.com` or query IPv4 only `docker run -ti --rm --net=host busybox nslookup -query=A google.com` – Neo Anderson Sep 02 '20 at 19:58
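
One way to test the two possibilities raised in the comments (no reply reaching the container at all, versus a reply that carries no records for one query type) is a small probe that sends A and AAAA queries separately over UDP and reports what comes back. This is an added example, not code from the thread; the function names are illustrative, and the default server is the address given in the question.

```python
# Added example (not from the thread): minimal UDP DNS probe, stdlib only.
import socket
import struct

QTYPES = {"A": 1, "AAAA": 28}

def build_query(name, qtype, txid=0x1234):
    """Encode a one-question recursive query in RFC 1035 wire format."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", QTYPES[qtype], 1)

def classify(reply, txid=0x1234):
    """Derive a verdict from the 12-byte reply header alone."""
    if len(reply) < 12:
        return "malformed"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    if rid != txid or not flags & 0x8000:   # wrong ID or QR bit not set
        return "malformed"
    if flags & 0x0200:                      # TC bit: answer needs TCP
        return "truncated"
    rcode = flags & 0x000F
    if rcode != 0:
        return f"rcode={rcode}"
    return "answered" if ancount else "no-answer"

def probe(server, name, qtype, timeout=3.0, port=53):
    """Send one query; 'timeout' means no reply reached this network namespace."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name, qtype), (server, port))
            reply, _ = s.recvfrom(4096)
        except socket.timeout:
            return "timeout"
        except OSError as exc:              # e.g. ICMP port unreachable
            return f"error: {exc}"
    return classify(reply)

if __name__ == "__main__":
    import sys
    # Default is the Pi-hole address from the question; override with argv[1].
    server = sys.argv[1] if len(sys.argv) > 1 else "192.160.170.10"
    for qtype in QTYPES:
        print(qtype, probe(server, "google.com", qtype))
```

Run it on the host and again inside a container on the default bridge network: `timeout` for both record types only in the container points at the bridge/NAT path, while `answered` for A together with `no-answer` for AAAA points at the record type rather than reachability.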
