resolver inside a jail

[Edwin Groothuis]

I am not sure if this is the right group for it, but I think that
this one is a good first step.

Please see http://weblog.barnet.com.au/edwin/000153.html:

    /etc/resolv.conf in jails

    I have been plagued by this error in some of my jails for a long time:

    $ dig foo.bar
    ;; reply from unexpected source: 202.83.178.125#53, expected 127.0.0.1#53

    telnet itself works fine, it's just that dig and friends give
    this strange error. What is also strange is that the tcpdump
    output doesn't reflect the settings in /etc/resolv.conf:

    $ cat /etc/resolv.conf
    search barnet.com.au
    server 202.83.176.1

    # tcpdump -ni lo0 port 53
    11:28:45.204241 IP 202.83.178.125.57276 > 202.83.178.125.53: 15750 A? www.ibm.com. (29)
    11:28:45.218305 IP 202.83.178.125.53 > 202.83.178.125.57276: 15750- 0/4/4 (203)

    Of course this was a configuration issue. In /etc/resolv.conf,
    the right statement is nameserver, not server. But the resolver
    in the jail looked through the /etc/resolv.conf of the host
    which contains 127.0.0.1.

    But the final question is: Where does it get 202.83.178.125
    from? It is the IP address of the jail, to which 127.0.0.1
    silently gets translated to. But the resolver still expects it
    to come from the 127.0.0.1 number, and is for that reason
    throwing the warning.

Is this something I should open a bug report for?

Edwin

-- 
Edwin Groothuis      |            Personal website: http://www.mavetju.org
edwin at mavetju.org    |          Weblog: http://weblog.barnet.com.au/edwin/