Name resolution failure

kmansoft · April 27, 2023, 7:13pm

Hi,

I’m running Docker CE on Ubuntu 22.04.

Any image I try to run - e.g. Ubuntu, Debian, nicolaka/netshoot - has trouble performing name resolution, it’s unable to reach DNS servers, and just pinging 8.8.8.8 fails.

My /etc/docker/daemon.json :

{
  "bip" : "20.0.0.1/24",
  "dns" : ["8.8.8.8"]
}

Output of “ip a” for docker0 :

5: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:96:9f:92:b2 brd ff:ff:ff:ff:ff:ff
    inet 20.0.0.1/24 brd 20.0.0.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:96ff:fe9f:92b2/64 scope link 
       valid_lft forever preferred_lft forever

My /etc/resolve.conf inside the container:

search corporate_domain1.com, corporate_domain2.com
nameserver 8.8.8.8

Output of “ip r” inside a container :

default via 20.0.0.1 dev eth0 
20.0.0.0/24 dev eth0 proto kernel scope link src 20.0.0.2

Trying to ping default gateway inside a container gives no output:

PING 20.0.0.1 (20.0.0.1) 56(84) bytes of data.
( no output )

I’ve tried restarting Docker but it changed nothing.

My machine is on a corporate network, so that’s probably the reason - trouble is, our IT department won’t help, so I’ve turned to help here.

Any ideas?

meyay · April 27, 2023, 7:58pm

The ip indicates that you are using a public ip (range) provided your isp.
Is this correct?

If it is supposed to be a private network range, you might want to look at Private network - Wikipedia for a list of valid cidr ranges.

kmansoft · April 27, 2023, 8:14pm

My router gives 192.168.0.* IPv4 (and also an IPv6, which I don’t think matters here) - so I edited /etc/docker/daemon.json with this address. I could have used 10.0.0.1/24 but my corporate VPN uses that.

Do you think trying 10.1.0.1/24 or 172.16.0.1/24 might help?

kmansoft · April 27, 2023, 8:17pm

By the way the issue happens even when I’m not connected from the corporate VPN

rimelek · April 27, 2023, 8:51pm

Can you use 8.8.8.8 from the host? If you are in a corporate network and not just conected to the VPN, it is also possible that using the name server of Google is not allowed. It is not allowed where I work.

That would be the default range, but as long as you use a valid ip address it shouldn’t affect name resolution.

We can help with Docker related questions but only your IT deparment can tell you which IP ranges you should use and even what you are allowed to use.

kmansoft · April 27, 2023, 9:02pm

Using 8.8.8.8 or 1.1.1.1 absolutely works on the host when I’m on the VPN and when I’m off of it.

Topic		Replies	Views
Name resolution not happening in container General dns	4	4806	May 11, 2016
Containers cannot resolve DNS General	1	1093	May 2, 2020
Problem host resolve or container name resolve in docker General	0	619	October 6, 2019
Docker container's DNS resolution fails General dns , docker , ubuntu , host-network	2	2023	April 7, 2025
Unable resolve server name in one container, but works in another container Docker Hub	0	543	June 4, 2019

Name resolution failure

Related topics