3

I have an nspawn container:

    root@nomad-02:~# machinectl list
    MACHINE CLASS     SERVICE        OS     VERSION ADDRESSES
    debian  container systemd-nspawn debian 11      192.168.88.171…

    1 machines listed.

systemd-resolved.service is started on the host (and in the container as well):

    root@nomad-02:~# systemctl status systemd-resolved.service
    ● systemd-resolved.service - Network Name Resolution
         Loaded: loaded (/lib/systemd/system/systemd-resolved.service; enabled; vendor preset: enabled)
         Active: active (running) since Tue 2022-01-25 22:16:34 UTC; 12h ago
           Docs: man:systemd-resolved.service(8)
                 man:org.freedesktop.resolve1(5)
                 https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers
                 https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients
       Main PID: 232128 (systemd-resolve)
         Status: "Processing requests..."
          Tasks: 1 (limit: 1132)
         Memory: 5.3M
            CPU: 153ms
         CGroup: /system.slice/systemd-resolved.service
                 └─232128 /lib/systemd/systemd-resolved

    Jan 25 22:16:34 nomad-02 systemd[1]: Starting Network Name Resolution...
    Jan 25 22:16:34 nomad-02 systemd-resolved[232128]: Positive Trust Anchors:
    Jan 25 22:16:34 nomad-02 systemd-resolved[232128]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d
    Jan 25 22:16:34 nomad-02 systemd-resolved[232128]: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.>
    Jan 25 22:16:34 nomad-02 systemd-resolved[232128]: Using system hostname 'nomad-02'.
    Jan 25 22:16:34 nomad-02 systemd[1]: Started Network Name Resolution.

The container has a vnet:

    root@nomad-02:~# resolvectl status
    Global
           Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
    resolv.conf mode: foreign
    ...
    Link 439 (ve-debian)
    Current Scopes: LLMNR/IPv4 LLMNR/IPv6
         Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

I would like to know if it is possible to reach the container from within the host using its hostname.

What I tried is:

dig @127.0.0.53 debian 

which does not work.

I cannot find any documentation on how to do it. Is it possible to do it?

Thanks in advance.

1 Answer

3

You need the NSS (name service switch, see man 5 nss) module "mymachines" installed and enabled in /etc/nsswitch.conf. Place "mymachines" before the "resolve" or "dns" entry of the "hosts:" line of /etc/nsswitch.conf (see man 8 nss-mymachines):

hosts: mymachines resolve [!UNAVAIL=return] files myhostname dns 

If "mymachines" is already present in /etc/nsswitch.conf and still doesn't work - its priority is too low. Try moving it before "resolve" or "dns".
On Debian, you need the libnss-mymachines package, for example.
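
A way to check the ordering the answer describes, as an added example that is not part of the original answer: the function below reads the "hosts:" line of an nsswitch.conf file and reports whether "mymachines" is present and listed before "resolve" and "dns". The function name and the result strings are assumptions made for this example, and the sample line at the end is constructed.

```shell
#!/bin/sh
# Added example (not from the original answer): report where "mymachines"
# sits on the hosts: line. Prints ok, missing, too-late or no-hosts-line
# and returns 0, 1, 2 or 3 respectively.
check_mymachines_order() {
    conf="${1:-/etc/nsswitch.conf}"
    awk '
        { sub(/#.*/, "") }                          # drop comments
        $1 == "hosts:" {
            found = 1
            pos = 0
            for (i = 2; i <= NF; i++) {
                # Bracketed items such as [!UNAVAIL=return] are actions,
                # not modules; they may span several tokens.
                if (inbr || $i ~ /^\[/) { inbr = ($i !~ /\]$/); continue }
                pos++
                if ($i == "mymachines" && !mm) mm = pos
                if (($i == "resolve" || $i == "dns") && !first) first = pos
            }
        }
        END {
            if (!found)              { print "no-hosts-line"; exit 3 }
            if (!mm)                 { print "missing";       exit 1 }
            if (first && mm > first) { print "too-late";      exit 2 }
            print "ok"
        }
    ' "$conf"
}

# Constructed sample: mymachines comes after "resolve [!UNAVAIL=return]",
# so lookups stop before reaching it while systemd-resolved is running.
sample=$(mktemp)
printf 'hosts: files resolve [!UNAVAIL=return] mymachines dns\n' > "$sample"
check_mymachines_order "$sample" || true            # prints: too-late
rm -f "$sample"
```

Once the check reports ok, test the lookup with `getent hosts debian` rather than `dig`: getent goes through the NSS modules in /etc/nsswitch.conf, while dig sends a DNS query directly and never consults nss-mymachines.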
