ziti-edge-tunnel 0.20.0 no longer answers DNS query for service domain name #520
Comments
|
While 0.20.0 is running I verified that it did successfully configure the tun interface and ❯ ip addr sh tun0
22: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 500
link/none
inet 100.64.0.0/32 scope global tun0
valid_lft forever preferred_lft forever
inet6 fe80::a764:99d4:9955:73b7/64 scope link stable-privacy
valid_lft forever preferred_lft forever
❯ ip route show | egrep 'default|tun0'
default via 192.168.1.254 dev wlp3s0 proto dhcp metric 600
3.230.231.14 dev tun0 scope link
34.193.196.178 dev tun0 scope link
44.198.86.86 dev tun0 scope link
100.64.0.0/12 dev tun0 scope link
100.64.0.1 dev tun0 scope link
100.64.0.2 dev tun0 scope link
100.64.0.3 dev tun0 scope link
100.64.0.4 dev tun0 scope link
❯ resolvectl dns tun0
Link 22 (tun0): 100.64.0.1
❯ resolvectl domain tun0
Link 22 (tun0): ~. |
|
Just ran into this also. |
|
I believe this issue applies to more than just the "ziti:dns-resolver" service. an error that was introduced with 0.20.0 causes all address matches to fail. my local testing missed this because apparently my make build directories were stale. sorry for the confusion and hassle. it's fixed with commit f2fb7c7, soon to be released with 0.20.1. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In a direct, functional comparison between 0.19.11 and 0.20.0 running with same params and same Ziti identity config only 0.19.11 will answer a DNS query for the service domain name.
I confirmed the nameserver address by running
resolvectl dns tun0and I tested by directing the DNS query to the corresponding addressdig {address} @100.64.0.1.I verified that a matching service address is available to dial by running
ziti-edge-tunnel dumpand inspecting the stdout from the main tunneler PID.The text was updated successfully, but these errors were encountered: