1568128 – dns quires should not send out to tun0 interface when curl $svc_name form pods

Bug 1568128 - dns quires should not send out to tun0 interface when curl $svc_name form pods

Summary: dns quires should not send out to tun0 interface when curl $svc_name form pods

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Networking
Sub Component:
Version:	3.10.0
Hardware:	Unspecified
OS:	Linux
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Target Release:	3.10.0
Assignee:	Ben Bennett
QA Contact:	Meng Bo
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2018-04-16 19:25 UTC by Weibin Liang
Modified:	2018-04-16 20:36 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2018-04-16 20:36:21 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
dns packets (5.88 KB, text/plain) 2018-04-16 19:25 UTC, Weibin Liang	no flags	Details
View All

Description Weibin Liang 2018-04-16 19:25:45 UTC

Created attachment 1422703 [details]
dns packets

Description of problem:
dns quires send out to tun0 interface when curl $svc_name form pods

Version-Release number of selected component (if applicable):
oc v3.10.0-0.15.0


How reproducible:
Every time

Steps to Reproduce:
## In the master:
[root@host-172-16-120-135 dnsmasq.d]# oc get pods -o wide
NAME         READY     STATUS    RESTARTS   AGE       IP            NODE
blue-pod-1   1/1       Running   0          3h        10.129.0.16   172.16.120.10
red-pod-1    1/1       Running   0          3h        10.129.0.17   172.16.120.10
[root@host-172-16-120-135 dnsmasq.d]# oc rsh blue-pod-1 
/ # cat /etc/resolv.conf 
nameserver 172.16.120.10
search p1.svc.cluster.local svc.cluster.local cluster.local openstacklocal
options ndots:5
/ # curl red-service.p1.svc.cluster.local.:8080
Hello Red Pod-1 Example


Actual results:
DNS query packets captured in tun0 interface by: tcpdump -nvvvS -i tun0  port 53

Expected results:
Should not see DNS query packets in tun0 interface

Additional info:
Captured dns packets is attached.

Comment 1 Ben Bennett 2018-04-16 20:36:21 UTC

I'm not sure why you think the query should not come out tun0... The query is resolved by the node, so when the pod tries to do the lookup it is handled by the dnsmasq running on the node.

Perhaps I'm missing something, but this sounds correct to me.

Note You need to log in before you can comment on or make changes to this bug.