From nobody Tue Aug 13 16:15:05 2024 X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WjxLj2cszz5T06G for ; Tue, 13 Aug 2024 16:15:25 +0000 (UTC) (envelope-from bakul@iitbombay.org) Received: from mail-pj1-x102f.google.com (mail-pj1-x102f.google.com [IPv6:2607:f8b0:4864:20::102f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WjxLj0swzz4NWC for ; Tue, 13 Aug 2024 16:15:24 +0000 (UTC) (envelope-from bakul@iitbombay.org) Authentication-Results: mx1.freebsd.org; none Received: by mail-pj1-x102f.google.com with SMTP id 98e67ed59e1d1-2cd2f89825fso3762281a91.1 for ; Tue, 13 Aug 2024 09:15:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iitbombay-org.20230601.gappssmtp.com; s=20230601; t=1723565719; x=1724170519; darn=freebsd.org; h=to:in-reply-to:cc:references:message-id:date:subject:mime-version :from:content-transfer-encoding:from:to:cc:subject:date:message-id :reply-to; bh=TVEteGq+wbONS5fp+kdcIPY8eXUPgWgjHgDWg1jqKFI=; b=Xffsa66WIRf0Llt84VpGQQ1cCP4AfQGWuU52vNQd51k42O5dhOfX7nd/0F0l4FRTRT LZ0EQZ/VYjatkhwNoSVjunedNA9S86jRAzv93ALXzTrquK0fZsITWopRYQPH2669ABBm KOIOQ0sPSQvmSqxmztWxLX0vEqVeWowza2w571gpdlgghsKlRsz4qTq3xxgPOoia6oN0 oEeScoTd5+YdzvZ3lba1312+YYn8zjkbOYVEToaJIcrfLVnSZSakDbjofTYu+nhLUfwF pwBzRz6OW4rrJz4KbUiFDYRQ6Mu5NJeY29Tk4JxEnQT1XjCYJ7j1yEqd/A1s0ipYCHXu 67mA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723565719; x=1724170519; h=to:in-reply-to:cc:references:message-id:date:subject:mime-version :from:content-transfer-encoding:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=TVEteGq+wbONS5fp+kdcIPY8eXUPgWgjHgDWg1jqKFI=; b=eOMF+Dz5Udglr3FZzpTd4Bs6yrNCmFifByvKCqMRnoRIwtrXyHBGkzcBPMCBW4ykow 4EMQ/PT/kicQQmpP5Of2xm5BhmpXIUsR68eXN5yX+inc4ZwnB8imc/diy2Z1X7Pb+gfT fAKSKEyXvvOkr/1GB7xTYebHv1WnaKoHzad05R1HKQ9suA7TrovhnEeiHoJkIdgCNZRb 4u/zIaKBOhRUL0swrtTgCNw8rNpyD2fftb9b8A7ACPVUhn3JFSgyXWmF7FHDNZXt0lqy a1pV6Xy3JnFkh6UPddmNz+AtONyxCFmst2iS8Ce3+Q/aqsI7h9E0jJWClT655CfVVkLZ zwMg== X-Forwarded-Encrypted: i=1; AJvYcCU4xfUfsmRQ6svYr0FQX1aSpw+FdyeVVnfDvMettMQA/wSSPBwmuFyzplgXOolgc3agV7ZrRHDk98c4OlWXN17Vlv9XDq/uzQbXU/c= X-Gm-Message-State: AOJu0YxLtyGJl5E792vcjvA0DYkJigjrqH2jp7Q/fk1MWme6sE+5AbrY 6V13nm7NJSZ1HyKYIpyRWGK8KylVyiUxSSSd0y1xapA6+DnF5J0mfXnr1xzoEPzlwbd9TKkMHq4 = X-Google-Smtp-Source: AGHT+IEHJuFJl3RKaUb1ZznXshzmv/ERdc9QpAbElWfwFUE30IbwL/gZ/TiwCXTHSRGZtiF9VOqwCQ== X-Received: by 2002:a17:90b:4f8b:b0:2d1:ca16:554d with SMTP id 98e67ed59e1d1-2d3924e16c4mr4602747a91.4.1723565717848; Tue, 13 Aug 2024 09:15:17 -0700 (PDT) Received: from smtpclient.apple (107-215-223-229.lightspeed.sntcca.sbcglobal.net. [107.215.223.229]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-2d3931f1255sm2479486a91.53.2024.08.13.09.15.16 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 13 Aug 2024 09:15:17 -0700 (PDT) Content-Type: multipart/alternative; boundary=Apple-Mail-6C287FBB-2318-4FEC-A070-66B1CC895C7D Content-Transfer-Encoding: 7bit From: Bakul Shah List-Id: Technical discussions relating to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-hackers List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-hackers@FreeBSD.org Mime-Version: 1.0 (1.0) Subject: Re: Diagnosing virtual machine network issues Date: Tue, 13 Aug 2024 09:15:05 -0700 Message-Id: References: <607068B0-E531-4D7F-8B61-923EE5DC443D@comcast.net> Cc: "Rodney W. Grimes" , FreeBSD Hackers In-Reply-To: <607068B0-E531-4D7F-8B61-923EE5DC443D@comcast.net> To: Alex Arslan X-Mailer: iPad Mail (20H350) X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US] X-Rspamd-Queue-Id: 4WjxLj0swzz4NWC --Apple-Mail-6C287FBB-2318-4FEC-A070-66B1CC895C7D Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable
This weird 127. address seems like a s= ystemd feature/bug thing: https://unix.sta= ckexchange.com/questions/612416/why-does-etc-resolv-conf-point-at-127-0-0-53=

This behavior seems like some strange interactio= n between systemd assumptions and freebsd=E2=80=99s, or something not being s= et up quite right on the linux side when the vm is running freebsd. 

On Aug 13, 2024, at 8:46 AM, Alex Arslan <ara= rslan@comcast.net> wrote:

=EF=BB=BF
Hi Rodney,

On Aug 10, 2024, at 9:11=E2=80=AFAM, Rodney W. Grimes <freebsd-rwg@gnd= rsh.dnsmgr.net> wrote:

=

On Aug 2, 2024, at 5:58?PM, Bakul Shah <bakul@= iitbombay.org> wrote:

On Aug 2, 2024, at 3:52?PM, Alex Arslan <= ararslan@comcast.net> wrote:

Just a comment and a name server line:

$ cat /etc/reso= lv.conf
# Generated by resolvconf
nameserver 192.168.122.1

I believe that is the host IP, so I guess the VM is using the host f= or DNS
resolution? Interestingly, if I add `nameserver 8.8.8.8` below the= line
with the host IP, it takes 10 seconds rather than 30 to reach the e= xpected
domain resolution failure. If I put 8.8.8.8 above the host IP, th= e domain
resolution failure is instantaneous.

What do= es your host use as a namesever?

The nameserver is 127.0= .0.53. It sets options edns0 and trust-ad, and
includes a search entry as= well.

First, is that a typo and you mean 127.0.0.1:= 53?

N= o, the host's /etc/resolv.conf has `nameserver 127.0.0.53`, I just went
back and rechecked to be sure.

Secon= d, is that name server locked to 127.0.0.1, or is it
actually l= istinging on *:53?  If it is LOCKED you have no name server
running on 192.168.122.1 to be reached by the VM, if it is NOT locked
can the guest ping 192.168.122.1, and can it reach dns at that IP= on
port 53?   Can the host send a packet BACK to t= he guest?

=
I apologize but I don't really know enough about these things to know h= ow
to answer your question. I did post the output of tcpdump on th= e VM and
the host a while back but that was for the invalid reques= t, so that
probably doesn't capture what you're describing.
<= /div>
Third you can "fix" the "nameserver 192.168.122.= 1" entry in /etc/resolv.conf
by configuring the DHCP server th= at handed out the lease to the VM to send
a namserver entry of= 8.8.8.8.

= If I understand correctly, that is indeed what we've done as a Band-Aid fix<= /div>
for the time being: I added the line `prepend_nameservers=3D8.8.8.= 8` to
/etc/resolvconf.conf.



Not a particularly satisfying conclusion to t= his saga as I don't understand
why it's happening but at least I have a w= orkaround that should hopefully
do the job. I really appreciate everyone'= s help and input thus far!

What's the best way to add `nameserver 8.8= .8.8` to /etc/resolv.conf as
part of the VM's configuration?

You should diagnose the problem of the nameserver at 192.168.122.1and fix it to act properly. I don't use vm (just bhyve) so can't help
y= ou with its config.

I do still plan to try to figure out= what the actual issue is, but I also
now have a path forward in the mean= time. :)



-- 
Rod Grimes      &= nbsp;            = ;            &nb= sp;            &= nbsp;    rgrim= es@freebsd.org

= --Apple-Mail-6C287FBB-2318-4FEC-A070-66B1CC895C7D--