comma-separated domain suffixes received from VBox DHCP

Discussions about using Linux guests in VirtualBox.

comma-separated domain suffixes received from VBox DHCP

Postby 940607 » 19. Jun 2021, 09:33

Hi. I have multiple network connections on my Windows host. Then on the guest I see the following in the journal:
Code: Select all   Expand viewCollapse view
Jun 19 10:02:50 reallin.basin NetworkManager[334]: <info>  [1624086170.4093] dhcp4 (enp0s3): option domain_name          => 'domain1.com,domain2.com'
Jun 19 10:02:50 reallin.basin NetworkManager[334]: <info>  [1624086170.4093] dhcp4 (enp0s3): option domain_name_servers  => '10.14.33.139 10.14.33.140 192.168.149.11 192.168.110.11'


NetworkManager is not trying to split the comma-separated list of search domains and adds them as-is to resolv.conf.

Is comma-separated string part of the standard? Shouldn't DHCP send two separate search domains instead?
I checked how it's done in dnsmasq. With this option:
Code: Select all   Expand viewCollapse view
dhcp-option-force=option:domain-search,lan,maindomain.com

You can see on the attached image.
Attachments
dnsmasq.png
dnsmasq.png (4.8 KiB) Viewed 786 times
940607
 
Posts: 56
Joined: 24. Sep 2012, 10:32

Re: comma-separated domain suffixes received from VBox DHCP

Postby fth0 » 19. Jun 2021, 11:30

Are you mixing the domain_name and domain_search options?

Can you provide a Wireshark capture (*) of the DHCP negotiation?

(*) One way would be to disconnect the virtual network cable, reboot the guest, start the Wireshark capture and then connecting the virtual network cable again.
fth0
Volunteer
 
Posts: 2111
Joined: 14. Feb 2019, 03:06
Location: Germany
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...

Re: comma-separated domain suffixes received from VBox DHCP

Postby 940607 » 19. Jun 2021, 12:56

Attached the capture file.
dhcp.pcap.zip
(375 Bytes) Downloaded 1 time

vbox-dhcp.png
vbox-dhcp.png (9.47 KiB) Viewed 770 times

Notice the comma as a distinct Option 15 between the two other Option 15 entries. The ugly workaround for now is to replace the comma in the input generated by NetworkManager. /etc/resolvconf.conf :
Code: Select all   Expand viewCollapse view
# fix for buggy VBox DHCP
cat() {
  sed '/^search /s/,/ /g' "$@"
}
940607
 
Posts: 56
Joined: 24. Sep 2012, 10:32

Re: comma-separated domain suffixes received from VBox DHCP

Postby fth0 » 19. Jun 2021, 14:25

DHCP option 15 (Domain Name) is meant to provide only one domain name (the interface-specific primary domain of the DHCP client's host name). Only DHCP option 119 (Domain Search) is meant to provide multiple domain names to use in DNS searches for other host names.

Where does the configuration of the domain names originate from? Please provide a zipped VBox.log file of a VM run starting from the Powered Off state.

In the past, I've seen DNS misconfigurations on Windows DHCP servers, because DHCP option 119 was not supported; Microsofts recommended way was using Windows GPOs instead of DHCP, but that didn't work for Linux clients of course.
fth0
Volunteer
 
Posts: 2111
Joined: 14. Feb 2019, 03:06
Location: Germany
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...

Re: comma-separated domain suffixes received from VBox DHCP

Postby 940607 » 19. Jun 2021, 14:37

fth0 wrote:Where does the configuration of the domain names originate from?

They are collected by VBox from the Connection DNS Suffixes of the two network adapters in Windows. The guest network adapter is attached to VBox NAT and VBox DHCP is on.
properties.png
properties.png (15.9 KiB) Viewed 761 times

fth0 wrote:Please provide a zipped VBox.log file of a VM run starting from the Powered Off state.

VBox.log.zip
(16.51 KiB) Downloaded 1 time
940607
 
Posts: 56
Joined: 24. Sep 2012, 10:32

Re: comma-separated domain suffixes received from VBox DHCP

Postby fth0 » 19. Jun 2021, 15:24

Thanks for the explanations. I'll have to investigate a bit more ...

If you like to experiment with related VirtualBox settings, you can search the VirtualBox User Manual for the natdnspassdomain option as a starting point.
fth0
Volunteer
 
Posts: 2111
Joined: 14. Feb 2019, 03:06
Location: Germany
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...

Re: comma-separated domain suffixes received from VBox DHCP

Postby fth0 » 20. Jun 2021, 10:48

After examining the VirtualBox source code, my summary is as follows:

The value for the DHCP option 15 (Domain Name) is determined differently on Windows and Linux hosts: On a Linux host, /etc/resolv.conf is read, and either the value of the domain keyword or the first value of the search keyword is used. On a Windows host, the DNS suffixes from all configured network adapters are concatenated by the ',', as you already discovered yourself. On both hosts, DHCP option 119 (Domain Search) is not used at all, and it would use the DNS name compression data format for its value (no ',').

I don't know why VirtualBox handles the domain names that way on Windows hosts, and especially if there are DHCP clients which can evaluate a DHCP option 15 (Domain Name) with commas.

As a workaround, you could use 9.8.6. Using the Host's Resolver as a DNS Proxy in NAT Mode or the natdnspassdomain<n> option documented in 8.8.2.1. NAT Networking Settings.
fth0
Volunteer
 
Posts: 2111
Joined: 14. Feb 2019, 03:06
Location: Germany
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...

Re: comma-separated domain suffixes received from VBox DHCP

Postby 940607 » 20. Jun 2021, 11:08

Thank you for your investigation. I do use the host resolver on some VMs except those that periodically download GPG keys because PGP uses a special kind of DNS record which VBox DNS server doesn't know how to forward.
For now, I'll stick to my workaround with the resolvconf tool and sed.
940607
 
Posts: 56
Joined: 24. Sep 2012, 10:32


Return to Linux Guests

Who is online

Users browsing this forum: Google [Bot] and 4 guests