Skip to content

Instantly share code, notes, and snippets.

@RedRoserade

RedRoserade/docker-fedora-33-dns.md

Last active February 15, 2024 14:54
Show Gist options
  • Save RedRoserade/df0ee54dd4932f18c368099e4915688c to your computer and use it in GitHub Desktop.
Save RedRoserade/df0ee54dd4932f18c368099e4915688c to your computer and use it in GitHub Desktop.
Download ZIP
Working around Docker DNS issues on Fedora 33. Adapted from https://stackoverflow.com/a/60113249
Raw
docker-fedora-33-dns.md

Problem

Docker on Fedora 33 has issues with systemd-resolved. This causes DNS issues when, for example, connecting VPNs, because it'll use the wrong DNS server, especially if you have several configured. The one from systemd-resolved is ignored since it's a 127.0.0.X address.

This causes containers to not be able to resolve addresses on the private network (VPN).

Solution

Use dnsmasq to listen on docker0 and forward DNS requests to systemd-resolved running on 127.0.0.53.

Note: This assumes docker0 has an IP address of 172.17.0.1. Update according to your setup.

1. Install dnsmasq

dnf install dnsmasq

2. Configure dnsmasq

Edit /etc/dnsmasq.conf

# Use interface docker0
interface=docker0

# Explicitly specify the address to listen on
listen-address=172.17.0.1

# Looks like docker0 interface is not available when dnsmasq service starts so it fails. This option makes dynamically created interfaces work in the same way as the default.
bind-dynamic

# Set systemd-resolved DNS server
server=127.0.0.53

Note: make sure to comment out bind-interfaces, or the service won't start properly! dnsmasq can't have both bind-dynamic and bind-interfaces on the same configuration file.

3. Configure dockerd to use dnsmasq

Edit /etc/docker/daemon.json and ensure 172.17.0.1 is set on the DNS array:

{
  "dns": ["172.17.0.1"]
}

4. Start services

systemctl enable dnsmasq
systemctl restart dnsmasq

systemctl restart docker
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment