comma-separated domain suffixes received from VBox DHCP

Discussions about using Linux guests in VirtualBox.
Post Reply
940607
Posts: 57
Joined: 24. Sep 2012, 10:32
Primary OS: MS Windows 10
VBox Version: OSE other
Guest OSses: Archlinux
Location: Russia

comma-separated domain suffixes received from VBox DHCP

Post by 940607 »

Hi. I have multiple network connections on my Windows host. Then on the guest I see the following in the journal:

Code: Select all

Jun 19 10:02:50 reallin.basin NetworkManager[334]: <info>  [1624086170.4093] dhcp4 (enp0s3): option domain_name          => 'domain1.com,domain2.com'
Jun 19 10:02:50 reallin.basin NetworkManager[334]: <info>  [1624086170.4093] dhcp4 (enp0s3): option domain_name_servers  => '10.14.33.139 10.14.33.140 192.168.149.11 192.168.110.11'
NetworkManager is not trying to split the comma-separated list of search domains and adds them as-is to resolv.conf.

Is comma-separated string part of the standard? Shouldn't DHCP send two separate search domains instead?
I checked how it's done in dnsmasq. With this option:

Code: Select all

dhcp-option-force=option:domain-search,lan,maindomain.com
You can see on the attached image.
Attachments
dnsmasq.png
dnsmasq.png (4.8 KiB) Viewed 3158 times
fth0
Volunteer
Posts: 5661
Joined: 14. Feb 2019, 03:06
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...
Location: Germany

Re: comma-separated domain suffixes received from VBox DHCP

Post by fth0 »

Are you mixing the domain_name and domain_search options?

Can you provide a Wireshark capture (*) of the DHCP negotiation?

(*) One way would be to disconnect the virtual network cable, reboot the guest, start the Wireshark capture and then connecting the virtual network cable again.
940607
Posts: 57
Joined: 24. Sep 2012, 10:32
Primary OS: MS Windows 10
VBox Version: OSE other
Guest OSses: Archlinux
Location: Russia

Re: comma-separated domain suffixes received from VBox DHCP

Post by 940607 »

Attached the capture file.
dhcp.pcap.zip
(375 Bytes) Downloaded 5 times
vbox-dhcp.png
vbox-dhcp.png (9.47 KiB) Viewed 3142 times
Notice the comma as a distinct Option 15 between the two other Option 15 entries. The ugly workaround for now is to replace the comma in the input generated by NetworkManager. /etc/resolvconf.conf :

Code: Select all

# fix for buggy VBox DHCP
cat() {
  sed '/^search /s/,/ /g' "$@"
}
fth0
Volunteer
Posts: 5661
Joined: 14. Feb 2019, 03:06
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...
Location: Germany

Re: comma-separated domain suffixes received from VBox DHCP

Post by fth0 »

DHCP option 15 (Domain Name) is meant to provide only one domain name (the interface-specific primary domain of the DHCP client's host name). Only DHCP option 119 (Domain Search) is meant to provide multiple domain names to use in DNS searches for other host names.

Where does the configuration of the domain names originate from? Please provide a zipped VBox.log file of a VM run starting from the Powered Off state.

In the past, I've seen DNS misconfigurations on Windows DHCP servers, because DHCP option 119 was not supported; Microsofts recommended way was using Windows GPOs instead of DHCP, but that didn't work for Linux clients of course.
940607
Posts: 57
Joined: 24. Sep 2012, 10:32
Primary OS: MS Windows 10
VBox Version: OSE other
Guest OSses: Archlinux
Location: Russia

Re: comma-separated domain suffixes received from VBox DHCP

Post by 940607 »

fth0 wrote: Where does the configuration of the domain names originate from?
They are collected by VBox from the Connection DNS Suffixes of the two network adapters in Windows. The guest network adapter is attached to VBox NAT and VBox DHCP is on.
properties.png
properties.png (15.9 KiB) Viewed 3133 times
fth0 wrote:Please provide a zipped VBox.log file of a VM run starting from the Powered Off state.
VBox.log.zip
(16.51 KiB) Downloaded 4 times
fth0
Volunteer
Posts: 5661
Joined: 14. Feb 2019, 03:06
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...
Location: Germany

Re: comma-separated domain suffixes received from VBox DHCP

Post by fth0 »

Thanks for the explanations. I'll have to investigate a bit more ...

If you like to experiment with related VirtualBox settings, you can search the VirtualBox User Manual for the natdnspassdomain option as a starting point.
fth0
Volunteer
Posts: 5661
Joined: 14. Feb 2019, 03:06
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...
Location: Germany

Re: comma-separated domain suffixes received from VBox DHCP

Post by fth0 »

After examining the VirtualBox source code, my summary is as follows:

The value for the DHCP option 15 (Domain Name) is determined differently on Windows and Linux hosts: On a Linux host, /etc/resolv.conf is read, and either the value of the domain keyword or the first value of the search keyword is used. On a Windows host, the DNS suffixes from all configured network adapters are concatenated by the ',', as you already discovered yourself. On both hosts, DHCP option 119 (Domain Search) is not used at all, and it would use the DNS name compression data format for its value (no ',').

I don't know why VirtualBox handles the domain names that way on Windows hosts, and especially if there are DHCP clients which can evaluate a DHCP option 15 (Domain Name) with commas.

As a workaround, you could use 9.8.6. Using the Host's Resolver as a DNS Proxy in NAT Mode or the natdnspassdomain<n> option documented in 8.8.2.1. NAT Networking Settings.
940607
Posts: 57
Joined: 24. Sep 2012, 10:32
Primary OS: MS Windows 10
VBox Version: OSE other
Guest OSses: Archlinux
Location: Russia

Re: comma-separated domain suffixes received from VBox DHCP

Post by 940607 »

Thank you for your investigation. I do use the host resolver on some VMs except those that periodically download GPG keys because PGP uses a special kind of DNS record which VBox DNS server doesn't know how to forward.
For now, I'll stick to my workaround with the resolvconf tool and sed.
Post Reply