This message was deleted Rancher Users #rancher-desktop

Join Slack

This message was deleted.

# rancher-desktop

adamant-kite-43734

03/21/2024, 11:44 PM

This message was deleted.

calm-sugar-3169

03/22/2024, 5:26 PM

The DNS servers can be found here: https://github.com/rancher-sandbox/lima/blob/f68f7a5bce84c2f85a319ee9afd5c9039a1e270a/pkg/hostagent/dns/dns.go#L24

calm-sugar-3169

03/22/2024, 5:26 PM

Are you behind a VPN by any chance?

thousands-article-60254

03/22/2024, 5:27 PM

yes - cisco anyconenct

thousands-article-60254

03/22/2024, 5:28 PM

let me try without VPN later, but some of my images are on a corporate registry in the VPN

👍 1

calm-sugar-3169

03/22/2024, 5:37 PM

I don’t recall if there should be any DNS issues while on Mac because of the VPN, we run host agent that should handle this situation correctly. I wonder if the upstream DNS from the VPN is causing some weirdness here 🤔

thousands-article-60254

03/22/2024, 6:21 PM

DNS resolution looks like this on my mac:

Copy code

dig <http://mcr.microsoft.co|mcr.microsoft.co>

; <<>> DiG 9.10.6 <<>> <http://mcr.microsoft.co|mcr.microsoft.co>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12677
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1220
;; QUESTION SECTION:
;mcr.microsoft.co.              IN      A

;; ANSWER SECTION:
<http://mcr.microsoft.co|mcr.microsoft.co>.       3577    IN      A       104.215.95.187
<http://mcr.microsoft.co|mcr.microsoft.co>.       3577    IN      A       52.164.206.56

;; Query time: 157 msec
;; SERVER: 10.8.8.8#53(10.8.8.8)
;; WHEN: Fri Mar 22 11:17:23 PDT 2024
;; MSG SIZE  rcvd: 77

in VM:

Copy code

dig <http://mcr.microsoft.co|mcr.microsoft.co>
;; communications error to 192.168.5.3#53: timed out

; <<>> DiG 9.18.24 <<>> <http://mcr.microsoft.co|mcr.microsoft.co>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2113
;; flags: qr rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;mcr.microsoft.co.              IN      A

;; ANSWER SECTION:
<http://mcr.microsoft.co|mcr.microsoft.co>.       5       IN      A       52.164.206.56
<http://mcr.microsoft.co|mcr.microsoft.co>.       5       IN      A       104.215.95.187

;; Query time: 10 msec
;; SERVER: 192.168.5.3#53(192.168.5.3) (UDP)
;; WHEN: Fri Mar 22 18:20:49 UTC 2024
;; MSG SIZE  rcvd: 98

thousands-article-60254

03/22/2024, 6:23 PM

192.168.5.3 is not CoreDNS ... right?

calm-sugar-3169

03/22/2024, 6:51 PM

no that is not the coreDNS that address is the DNS address for the slirp network that is statically assigned

calm-sugar-3169

03/22/2024, 6:58 PM

can you force tcp on your dig command inside the VM to see if that makes it pass?

calm-sugar-3169

03/22/2024, 6:59 PM

I think it’s

+tcp

or something

thousands-article-60254

03/26/2024, 10:01 PM

@calm-sugar-3169 I tried the following: • Local machine (Mac) - no issues, using 1.1.1,1 DNS server (no vpn) , or with VPN (using a corporate 10.x.x.x DNS server)

thousands-article-60254

03/26/2024, 10:02 PM

sorry, submitted my message too early, let me test

+tcp

...

thousands-article-60254

03/26/2024, 10:07 PM

I'm still seeing these intermittent errors:

Copy code

│   Warning  Failed     53s                kubelet            Failed to pull image "<http://registry.gitlab.com/org/repo:l|registry.gitlab.com/org/repo:l> │
│ atest": Error response from daemon: Head "<https://registry.gitlab.com/v2/org/repo/manifests/latest>": dial tcp: l │
│ ookup <http://registry.gitlab.com|registry.gitlab.com> on 192.168.5.3:53: read udp 192.168.5.15:48223->192.168.5.3:53: i/o timeout

also on public images

thousands-article-60254

03/26/2024, 10:09 PM

communication with 192.168.5.3 is timing out for me relatively consistently on the VM level (VPN on or off) with UDP:

Copy code

dig <http://registry.gitlab.com|registry.gitlab.com>
;; communications error to 192.168.5.3#53: timed out

; <<>> DiG 9.18.24 <<>> <http://registry.gitlab.com|registry.gitlab.com>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14
;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;registry.gitlab.com.		IN	A

;; ANSWER SECTION:
<http://registry.gitlab.com|registry.gitlab.com>.	5	IN	A	35.227.35.254

;; Query time: 30 msec
;; SERVER: 192.168.5.3#53(192.168.5.3) (UDP)
;; WHEN: Tue Mar 26 22:07:50 UTC 2024
;; MSG SIZE  rcvd: 72

with forcing

+tcp

, it works:

Copy code

dig +tcp <http://registry.gitlab.com|registry.gitlab.com>

; <<>> DiG 9.18.24 <<>> +tcp <http://registry.gitlab.com|registry.gitlab.com>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50593
;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;registry.gitlab.com.		IN	A

;; ANSWER SECTION:
<http://registry.gitlab.com|registry.gitlab.com>.	5	IN	A	35.227.35.254

;; Query time: 0 msec
;; SERVER: 192.168.5.3#53(192.168.5.3) (TCP)
;; WHEN: Tue Mar 26 22:09:17 UTC 2024
;; MSG SIZE  rcvd: 72

7 Views

Open in Slack

Previous Next