# rancher-desktop
w
Are you sure you meant /Local and not /Roaming? https://docs.rancherdesktop.io/how-to-guides/provisioning-scripts has them in %APPDATA% and not %LOCALAPPDATA%.
t
Will check now
w
I have used them in %APPDATA%\rancher-desktop\provisioning and I see the results both in the UI dialogs, but also in the changes I have scripted
t
I just have been adding them (with LF EOL), but it appears not to be applied... Should I "reset to factory" to get them applied?
w
so they are in Roaming but are not being launched?
t
~ # ls /etc/local.d/
README insecure.start resolv.start
I can see them from the wsl distro
But they appear not to have been triggered
if I run "bash -c /etc/local.d/resolv.start" it does work (from the distro)
w
you can see if they are being run in %localappdata%/rancher-desktop/logs/wsl-exec.log
should have entries for /etc/local.d/<yourstartfile>
t
Both are present... Perhaps my script doesn't work in the context of wsl during the bootstrap... May I share my snippet here?
w
sure and also what you were expecting to occur
t
```sh
#!/bin/sh
# shellcheck shell=dash

tmp=$(mktemp)
powershell="/mnt/c/Windows/System32/WindowsPowerShell/v1.0/powershell.exe"

removeTempFiles() {
    rm -f "$tmp"
}

echo "Current resolv.conf"
echo "-------------------"
cat /etc/resolv.conf
echo
echo "Creating new resolv.conf"
echo "------------------------"

# Nameserver lines already present in resolv.conf
initial=$(grep '^nameserver' /etc/resolv.conf)
# IPv4 DNS servers configured on the Windows host's adapters
added=$("$powershell" -Command "Get-DnsClientServerAddress -AddressFamily ipv4 | Select-Object -ExpandProperty ServerAddresses")

{
    echo "search mydomain.cpy.local"
    # Keep the existing nameservers first
    for i in $initial; do
        [ "$i" = "nameserver" ] && continue
        echo nameserver "$i"
    done
    # Append host DNS servers that are not already listed
    for a in $added; do
        # Strip leading whitespace and the CR from PowerShell's CRLF output
        item=$(echo "$a" | sed -e 's/^[[:space:]]*//' -e 's/\r//g')
        [ "$item" = "nameserver" ] && continue
        contains=0
        for j in $initial; do
            [ "$j" = "nameserver" ] && continue
            [ "$item" = "$j" ] && contains=1 && break
        done
        [ "$contains" = 0 ] && echo nameserver "$item"
    done
} | tr -d '\r' | tee "$tmp"
(set -x; cp "$tmp" /etc/resolv.conf)

removeTempFiles
```
I expect this to update the resolv file with nameserver from the corporate vpn I use
w
well RD doesn’t use resolv.conf really?
t
It uses dnsmasq, which is using resolv.conf I guess
"I assume" it to use it
t
BTW, when getting to distro, I can see the resolv file not updated
w
i would update data-resolv-conf
yeah doing this in powershell might be a fun activity. 😉
t
I've been trying to update data-resolv-conf, but it would need to restart dnsmasq I guess
w
not in my experience
t
BTW I'm not sure data-resolv-conf supports "search" terms
I can change my script to update the other file, that's not a deal
w
is your dns provided by your VPN changing that much?
t
I don't know, really, I'm already fed up with it
w
i would try and just add one of your internal DNS servers to your data-resolv-conf or use the experimental host resolver
t
I tried the experimental resolver but that didn't cover my case I'm afraid
w
well that's interesting since it works outside of the VM. It would be like if Chrome couldn’t look up records on your Intranet
you sure it's not some route control policy dropping traffic or a firewall?
t
That's possible, company goes wild with security... 😕 wsl range should be allowed but I have troubles 😞
w
well in hostresolver it's not coming from WSL any longer
and WSL not using a defined ip space and only rfc1918 is not super helpful
t
Hmmm, I don't get everything about this but I understand it's not that easy
w
does DNS work with other WSL distros?
often starting with a known good and working back is helpful
t
not out of the box, I have to trick the resolv.conf file
w
you mean add an intranet IP to resolve and then it works
t
In the main wsl2 distro I use (arch) I have to change the resolv.conf file to add VPN DNS entries + search terms to ensure it can reach internet or company network
w
i usually skip the search domains personally, but try hard coding a single internal DNS into the dnsmasq.d file and test with dig or whatever
t
Will try so
It appears I almost succeeded in allowing DNS resolution but now I'm failing with "et/http: TLS handshake timeout"
w
i use a prov script for MTU for that one.
t
Can you share this?
w
sure
```sh
#!/bin/sh
# Lower the MTU on eth0 so the extra VPN/virtualization headers do not cause fragmentation
ip link set mtu 1250 dev eth0
```
t
I believe mtu value should match the one defined in the adapter, isn't it?
w
nope
t
Ok, I'll just try this way
w
your adapter just uses the default, but with layers of virtualization and then the VPN you will find the header bloat causes fragmentation and that I usually find kills TLS
t
It works with it
Awesome
w
now TLS breakdowns can happen for a lot of reasons. but that has been one of the most common in my experience
t
I've seen this as well a number of times over troubleshooting threads
f
@tall-kite-83186 Could you let us know why the experimental host resolver does not cover your use case? We want to improve it so it covers most configurations correctly without any further configuration.
t
Well I initially gave a try and got this feature not working. After a 2nd attempt I got it working. I guess I wrongly restarted my RD the first time