subspacecommunity / subspace

A fork of the simple WireGuard VPN server GUI community maintained

Dnsmasq stopping abruptly

kmskrishna opened this issue · comments

Hello

I am running subspace in a docker and dnsmasq is also running in the docker. It was uninstalled on the host machine as mentioned in the docs.

I also added some internal domains to /etc/hosts. And the DNS resolution is working well when connected to the VPN.

Everything works as expected but randomly the DNS resolution stops. On restarting the docker container everything works normally again.

I got access to the docker shell using docker exec and inside the container, DNS is working fine. It is just that in the wireguard clients and the host, DNS resolution is stopping randomly.

dnsmasq is running when checked with ps aux | grep dnsmasq on the host system.

Expected behaviour

DNS should resolve normally every time.

Additional context
I am facing this issue right now with 2 different machines which are on AWS.

Is there a way to run dnsmasq on the host machine and disable it in the docker?

hey @kmskrishna, currently there is only the option to disable dnsmasq along with DNS tunneling altogether. We haven't split that config into two. Maybe we could implement an override and you could configure DNS to be your server IP

Apart from that, I am encountering this issue a lot regularly. Any idea how to debug this? DNS works in docker but not on the host system. What might be the issue?

Do you think this is related to #141? Try #144 (comment)

hey @kmskrishna, currently there is only the option to disable dnsmasq along with DNS tunneling altogether. We haven't split that config into two. Maybe we could implement an override and you could configure DNS to be your server IP

Do you think doing this would solve the issue? I am running wireguard/dnsmasq together without subspace and didn't face any issue. This makes me believe that this is a docker-related issue. I am not able to come up with a good way to debug it, though. One way to do it is to run dnsmasq outside the docker and test, but that is not supported in subspace as of now.

Do you think this is related to #141? Try #144 (comment)

It definitely sounds like #141, and I tried the solution mentioned in #144; I will update you on how it works.

Can we concretely say if the issue is because of docker and dnsmasq? What test can we do to prove/disprove this?

I am really in the dark here. I have little knowledge of dnsmasq and personally I use VPN across different countries so I have to disable dnsmasq. I don't have, therefore, real world experience with dnsmasq. @agonbar can you think of a way to test this?


Could this be related to #194? Do you see anything in the docker logs for the subspace container?

@syphernl Docker logs show only this that mentions dnsmasq:

dnsmasq: started, version 2.80 cachesize 150
dnsmasq: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC loop-detect inotify dumpfile
dnsmasq: reading /etc/resolv.conf
dnsmasq: using nameserver 1.1.1.1#53
dnsmasq: read /etc/hosts - 10 addresses
run: dnsmasq: (pid 54) 5s; run: log: (pid 52) 5s

Do you think this is related to #141? Try #144 (comment)

It definitely sounds like #141, and I tried the solution mentioned in #144; I will update you on how it works.

Can we concretely say if the issue is because of docker and dnsmasq? What test can we do to prove/disprove this?

I tried the fix mentioned in #144, it didn't work.

One sanity check question. How are you launching subspace? Post here the compose config or docker command.

One sanity check question. How are you launching subspace? Post here the compose config or docker command.

Using the docker command line

 sudo docker create \
                    --name subspace \
                    --restart always \
                    --network host \
                    --cap-add NET_ADMIN \
                    --volume /data:/data \
                    --volume /etc/dnsmasq.d:/etc/dnsmasq.d \
                    --env SUBSPACE_HTTP_HOST="domain.com" \
                    --env SUBSPACE_DISABLE_DNS=true \
                    --env SUBSPACE_LISTENPORT="51820" \
                    --env SUBSPACE_ALLOWED_IPS="110.99.97.0/24" \
                    subspacecommunity/subspace:latest

Then

sudo docker start subspace

We have an issue tracked in #193. These shorthand tags are not working. Please use the long tags, for example amd64-v1.5.0
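
On the question raised in the thread of what test could prove or disprove that dnsmasq is the part that stops answering, the following is an added example, not code from the thread or from the subspace project. It sends the same A query directly to each address dnsmasq is expected to serve and separates "answered" from "refused" and "timeout", which `ps aux` alone cannot show; the query name and server addresses are supplied by the operator, and it covers IPv4 over UDP only.

```python
"""Probe DNS servers directly over UDP (added example, not subspace code)."""
import socket
import struct
import sys
import time


def build_query(name, qid=0x5353):
    """Encode a minimal DNS query for an A record with recursion desired."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def probe(server, name, port=53, timeout=2.0, qid=0x5353):
    """Query one server address; return (status, detail).

    status: "answered"; "refused" (ICMP port unreachable: nothing listening on
    that address/port, or a firewall rejecting); "timeout" (dropped, filtered,
    or the daemon not replying); "malformed"; or "error".
    """
    query = build_query(name, qid)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        start = time.monotonic()
        try:
            s.connect((server, port))  # connected UDP surfaces ICMP errors
            s.send(query)
            data = s.recv(512)
        except socket.timeout:
            return "timeout", None
        except ConnectionRefusedError:
            return "refused", None
        except OSError as exc:
            return "error", str(exc)
    elapsed_ms = round((time.monotonic() - start) * 1000, 1)
    if len(data) < 12 or struct.unpack("!H", data[:2])[0] != qid:
        return "malformed", None
    flags, _qd, ancount = struct.unpack("!HHH", data[2:8])
    return "answered", {"rcode": flags & 0xF, "answers": ancount, "ms": elapsed_ms}


if __name__ == "__main__":
    if len(sys.argv) < 3:
        sys.exit("usage: probe.py NAME SERVER [SERVER ...]")
    for addr in sys.argv[2:]:  # addresses are chosen by the operator
        print(addr, *probe(addr, sys.argv[1]))
```

Running it from the host and from a WireGuard client at the moment resolution fails, against both the loopback address and the VPN-side address, shows which path stops answering while the dnsmasq process is still listed as running.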