Docker container can't resolv domain

rj46 · November 9, 2022, 4:56pm

Hi,

I have two container in bridged network :

docker inspect network bridge

…
“Containers”: {
“d8482b24584fb287c2d91ba43f4c33edb2399fe6ac057ac2c4a26c485a6f0c19”: {
“Name”: “kali”,
“EndpointID”: “bc7296fa365d362ec50374feef991168fbe4d76ca7ff8c880446c5a7b5328e62”,
“MacAddress”: “02:42:ac:11:00:03”,
“IPv4Address”: “172.17.0.3/16”,
“IPv6Address”: “”
},
“eb038953140d3bb3834d29fbce080d5b0dc7cf6e58c363c3de8b0ce9156f3a29”: {
“Name”: “bind9”,
“EndpointID”: “12f59dfad9fd7380d2777af76308d10a192a5a14272e4ae099a6e4fdd2422282”,
“MacAddress”: “02:42:ac:11:00:02”,
“IPv4Address”: “172.17.0.2/16”,
“IPv6Address”: “”
}
…

docker container ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d8482b24584f kalilinux/kali-rolling “bash” 3 hours ago Up About a minute kali
eb038953140d named:latest “/usr/sbin/named -f …” 3 hours ago Up 3 hours 0.0.0.0:53->53/tcp, 0.0.0.0:53->53/udp, 127.0.0.1:953->953/tcp bind9

a kali linux for testing my network issue and a bind server who the 53 port is used in udp and tcp

the kali linux has my containers servers as resolver :

┌──(root㉿d8482b24584f)-[/]
└─# cat /etc/resolv.conf

Generated by NetworkManager

search rj46 home
nameserver 192.168.0.32

when i do a dig request in udp from my kali server, i have a timeout

┌──(root㉿d8482b24584f)-[/]
└─# dig @192.168.0.32 domain
;; communications error to 192.168.0.32#53: timed out

when i do the same but in tcp, i ave an answer :

┌──(root㉿d8482b24584f)-[/]
└─# dig @192.168.0.32 +tcp domain

; <<>> DiG 9.18.8-1-Debian <<>> @192.168.0.32 +tcp domain
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24656
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 0f1e0a3fb347a22b01000000636bdb0ce3cfabd139bd1a0e (good)
;; QUESTION SECTION:
emzm5pam37e4.wpeproxy.com. 251 IN A 141.193.213.20
emzm5pam37e4.wpeproxy.com. 251 IN A 141.193.213.21

;; Query time: 1 msec
;; SERVER: 192.168.0.32#53(192.168.0.32) (TCP)
;; WHEN: Wed Nov 09 16:53:32 UTC 2022
;; MSG SIZE rcvd: 142

I don’t understand why i have a timeout in udp

If i do a tcpdump i have this issue :

7:36:45.580182 IP 172.17.0.5 > 172.17.0.1: ICMP 172.17.0.5 udp port 44520 unreachable, length 123

An idea ?