Background: I'm a little bit rusty with OpenVZ and everything in version 7 is overwhelmingly new to me.
So far I have only containers. I want to use the hardware node as my local DNS cache for *all* container types, host and bridged.
I have successfully configured dnsmasq to listen on both br0 and virbr0, as far as I saw, the interfaces for bridged and host-only containers, respectively. I could confirm the step on the hardware node with
and that works.
dig @interface_ip <public host name>
What doesn't work:
From the hardware node:
- name resolution in any container times out
- pinging the hardware node address gives no reply
# prlsrvctl net list
Network ID Type Bound To Bridge Slave interfaces
Bridged bridged enp2s0 br0
Host-Only host-only virbr0
With virbr0: 10.37.130.2/24 and br0:192.168.xx.5/28.
and even though it has no name resolution.
prlctl set <my test container @ 192.168.xx.4> --nameserver 10.37.130.2
I *suppose* I need to add a rule to iptables but which one and where. I did add an INPUT rule but it doesn't work
Here's what I have with tcpdump, the rule I tried doesn't change anything:
tcpdump: WARNING: venet0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on venet0, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
23:03:20.876113 IP 192.168.xx.4.53894 > myhostname.local.domain: 32621+ A? google.com. (28)
23:03:25.875974 IP 192.168.xx.4.53894 > myhostname.local.domain: 32621+ A? google.com. (28)
2 packets captured
2 packets received by filter
0 packets dropped by kernel
This happens when I do a simple from a container that has the host command (Debian minimal containers don't).
From that container:
# ping 220.127.116.11
PING 18.104.22.168 (22.214.171.124) 56(84) bytes of data.
64 bytes from 126.96.36.199: icmp_seq=1 ttl=39 time=328 ms
64 bytes from 188.8.131.52: icmp_seq=2 ttl=39 time=19.8 ms
64 bytes from 184.108.40.206: icmp_seq=3 ttl=39 time=20.3 ms
64 bytes from 220.127.116.11: icmp_seq=4 ttl=39 time=20.3 ms
64 bytes from 18.104.22.168: icmp_seq=5 ttl=39 time=44.1 ms
64 bytes from 22.214.171.124: icmp_seq=6 ttl=39 time=20.4 ms
--- 126.96.36.199 ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5002ms
rtt min/avg/max/mdev = 19.836/75.699/328.996/113.614 ms
I'm stuck. Thanks in advance for any hint/advice.
[Updated on: Mon, 17 July 2017 09:24]
Report message to a moderator