Docker Community Forums

Share and learn in the Docker community.

Docker 1.12.1: container can't resolve host behind VPN


(Ksenish) #1

I’m running Docker on Mac and my container can’t resolve a host behind VPN. It can ping the ip, but not the host. This wasn’t an issue prior I upgraded to 1.12.1. My mac’s /etc/resolv.conf haven’t changed.

$ docker info
Containers: 1
Running: 0
Paused: 0
Stopped: 1
Images: 11
Server Version: 1.12.1
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 16
Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: overlay bridge host null
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Security Options: seccomp
Kernel Version: 4.4.19-moby
Operating System: Alpine Linux v3.4
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 1.954 GiB
Name: moby
ID: QEZ5:DCIH:M2HH:DANB:QCU6:OQ2K:JUVX:OY6Y:GM3I:BAMZ:37ZE:ZXHK
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): true
File Descriptors: 16
Goroutines: 28
System Time: 2016-08-26T19:23:11.147407399Z
EventsListeners: 1
No Proxy: *.local, 169.254/16
Username: ksenish
Registry: https://index.docker.io/v1/
Experimental: true
Insecure Registries:
127.0.0.0/8

Problem:
$ docker run -t ubuntu:16.04 /bin/bash -xc “apt-get update ; apt-get install -y iputils-ping dnsutils ; ping -c1 10.5.20.201 ; ping -c1 pkg-ondemand.bnr.perforce.com ; host pkg-ondemand.bnr.perforce.com

  • apt-get update
    [snip… long not interesting output]
  • apt-get install -y iputils-ping dnsutils
    Reading package lists… Done
    [snip… long not interesting output]
  • ping -c1 10.5.20.201
    PING 10.5.20.201 (10.5.20.201) 56(84) bytes of data.
    64 bytes from 10.5.20.201: icmp_seq=1 ttl=37 time=0.180 ms

— 10.5.20.201 ping statistics —
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.180/0.180/0.180/0.000 ms

Expected (running Docker 1.12.0 on a different Mac):
$ docker run -t ubuntu:16.04 /bin/bash -xc “apt-get update ; apt-get install -y iputils-ping dnsutils ; ping -c1 10.5.20.201 ; ping -c1 pkg-ondemand.bnr.perforce.com ; host pkg-ondemand.bnr.perforce.com

  • apt-get update
    [snip… long not interesting output]
  • apt-get install -y iputils-ping dnsutils
    Reading package lists… Done
    [snip… long not interesting output]
  • ping -c1 10.5.20.201
    PING 10.5.20.201 (10.5.20.201) 56(84) bytes of data.
    64 bytes from 10.5.20.201: icmp_seq=1 ttl=37 time=0.239 ms

— 10.5.20.201 ping statistics —
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.239/0.239/0.239/0.000 ms

pkg-ondemand.bnr.perforce.com ping statistics —
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.111/0.111/0.111/0.000 ms