OpenVZ Forum


How do I configure OpenVZ 7 hardware node for global DNS caching? [message #52892] Mon, 17 July 2017 09:20
VinzC
Background: I'm a little bit rusty with OpenVZ and everything in version 7 is overwhelmingly new to me.

So far I have only containers. I want to use the hardware node as my local DNS cache for *all* container types, host and bridged.

I have successfully configured dnsmasq to listen on both br0 and virbr0, as far as I saw, the interfaces for bridged and host-only containers, respectively. I could confirm the step on the hardware node with

    dig @interface_ip <public host name>

and that works.

What doesn't work:
  • name resolution in any container times out
  • pinging the hardware node address gives no reply
From the hardware node:

    # prlsrvctl net list
    Network ID        Type      Bound To       Bridge         Slave interfaces
    Bridged           bridged   enp2s0         br0                           
    Host-Only         host-only                virbr0                        


With virbr0: 10.37.130.2/24 and br0: 192.168.xx.5/28.

I've run

    prlctl set <my test container @ 192.168.xx.4> --nameserver 10.37.130.2

and even so it has no name resolution.

I *suppose* I need to add a rule to iptables, but which one and where? I did add an INPUT rule but it doesn't work.

Here's what I have with tcpdump; the rule I tried doesn't change anything:

	# tcpdump
	tcpdump: WARNING: venet0: no IPv4 address assigned
	tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
	listening on venet0, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
	23:03:20.876113 IP 192.168.xx.4.53894 > myhostname.local.domain: 32621+ A? google.com. (28)
	23:03:25.875974 IP 192.168.xx.4.53894 > myhostname.local.domain: 32621+ A? google.com. (28)
	^C
	2 packets captured
	2 packets received by filter
	0 packets dropped by kernel


This happens when I do a simple

    host google.com

from a container that has the host command (Debian minimal containers don't).

From that container:

	# ping 8.8.8.8
	PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
	64 bytes from 8.8.8.8: icmp_seq=1 ttl=39 time=328 ms
	64 bytes from 8.8.8.8: icmp_seq=2 ttl=39 time=19.8 ms
	64 bytes from 8.8.8.8: icmp_seq=3 ttl=39 time=20.3 ms
	64 bytes from 8.8.8.8: icmp_seq=4 ttl=39 time=20.3 ms
	64 bytes from 8.8.8.8: icmp_seq=5 ttl=39 time=44.1 ms
	64 bytes from 8.8.8.8: icmp_seq=6 ttl=39 time=20.4 ms
	^C
	--- 8.8.8.8 ping statistics ---
	6 packets transmitted, 6 received, 0% packet loss, time 5002ms
	rtt min/avg/max/mdev = 19.836/75.699/328.996/113.614 ms


I'm stuck. Thanks in advance for any hint/advice.


Vince C.

[Updated on: Mon, 17 July 2017 09:24]
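
Added example, not part of the original post: a small Python parser for default tcpdump output like the capture above. It pairs DNS queries with responses and reports the queries that were seen on the interface but never answered. The first two packet lines in the sample are from the post; the answered exchange (client 192.168.xx.9) is constructed for contrast, and all function and variable names are illustrative.

```python
import re
from collections import defaultdict

# Default tcpdump output: "<time> IP <src.port> > <dst.port>: <id><flags> <rest>"
LINE = re.compile(r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) IP (?P<src>\S+) > (?P<dst>\S+): "
                  r"(?P<id>\d+)(?P<flags>[^\s\d]*) (?P<rest>.*)$")
QUERY = re.compile(r"^(?:\[[^\]]*\] )?(?P<qtype>[A-Za-z0-9]+)\? (?P<qname>\S+)")
RESPONSE = re.compile(r"^\d+/\d+/\d+")  # answer/authority/additional counts

# Packet lines 1-2 are from the post; lines 3-4 are a constructed answered exchange.
SAMPLE = """\
tcpdump: WARNING: venet0: no IPv4 address assigned
listening on venet0, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
23:03:20.876113 IP 192.168.xx.4.53894 > myhostname.local.domain: 32621+ A? google.com. (28)
23:03:25.875974 IP 192.168.xx.4.53894 > myhostname.local.domain: 32621+ A? google.com. (28)
23:03:30.100000 IP 192.168.xx.9.41000 > myhostname.local.domain: 1111+ A? example.org. (29)
23:03:30.101000 IP myhostname.local.domain > 192.168.xx.9.41000: 1111 1/0/0 A 192.0.2.10 (45)
"""

def to_seconds(ts):
    """Convert tcpdump's HH:MM:SS.ffffff timestamp to seconds since midnight."""
    h, m, s = ts.split(":")
    return int(h) * 3600 + int(m) * 60 + float(s)

def unanswered_queries(capture):
    """Return {(client endpoint, query id, qname): [timestamps]} for queries
    that have no matching response anywhere in the capture text."""
    pending = defaultdict(list)
    for raw in capture.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # banner, warning and summary lines
        q = QUERY.match(m["rest"])
        if q:
            pending[(m["src"], m["id"], q["qname"])].append(to_seconds(m["ts"]))
        elif RESPONSE.match(m["rest"]):
            # A response returns to the client endpoint carrying the same query ID.
            for key in [k for k in pending if k[0] == m["dst"] and k[1] == m["id"]]:
                del pending[key]
    return dict(pending)

if __name__ == "__main__":
    for (client, qid, qname), seen in unanswered_queries(SAMPLE).items():
        gaps = [round(b - a, 3) for a, b in zip(seen, seen[1:])]
        print(f"{client} id={qid} {qname}: {len(seen)} queries, no reply, gaps={gaps}s")
```

A repeated query with the same source port and ID, as in the post's capture, is the resolver retransmitting after a timeout. It shows the request reached the interface being captured but no reply left through it.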
