DNS Settings on PVE Server

S

spetrillo

Member
Feb 15, 2024
148
5
18
Hello all,

My PVE server has two vlans setup, one being the IP it should be communicating on and the second is for iSCSI storage needs. Each time I check the DNS settings for the server it is defaulting to the iSCSI IP, which has no access outside of its vlan. I change it back but on the next reboot it changes back. I have manually edited /etc/resolv.conf and changed it there but the next reboot changes the file again. Why is this happening and what file should I be editing to permanently change the DNS.

Thanks,
Steve
 
Yes from both the GUI and CLI. It seems it takes the last IP gateway of the last vlan assigned. Once I remove the iSCSI vlan it goes back to the IP it should be looking at all the time. This seems like a bug.

I just checked my PBS server and it is exhibiting the same problem. This is soo weird.

Ok I can add a second DNS server entry, to get around this but this should not be happening in the first place.
 
Last edited:
Wait, "Last" gateway? As in that you have multiple gateways set up?
The server should only have one gateway, and since the storage network doesn't need to go outside that network, why does it even have a gateway?

Could you post the output of the following?
Code: 
ip a
cat /etc/network/interfaces
 
So let me list everything in one reply:

1) My PVE has two IPs attached to it. One for the normal resolution and the second one for iSCSI storage access.
2) It seems that the DNS settings are getting set from the last Linux bridge, which in my case is the iSCSI storage vlan.

Please see attached interfaces file, as well as GUI configuration. VLAN 25 equates to the subnet where 192.168.2.161 is the gateway of the subnet. I would update the GUI to the right DNS server and reboot. Upon reboot it would go back to 192.168.2.161, so its getting this from somewhere else I suspect.

In the GUI DNS settings I can add a second DNS server IP for the DNS server it should be querying, to get around this issue but it does not explain why both my PBS and PVE are setting the DNS from the last Linux bridge it sees.

One thing I am going to try right now is change the order of the Linux sub bridge interfaces and see if that fixes things. If it does then it tells me this is a bug. DNS should not be getting set from what is in my interfaces file.
 

Attachments

  • Screenshot 2024-07-07 121238.png
    Screenshot 2024-07-07 121238.png
    65.1 KB · Views: 23
  • Screenshot 2024-07-07 121257.png
    Screenshot 2024-07-07 121257.png
    23.6 KB · Views: 26
  • Screenshot 2024-07-07 121557.png
    Screenshot 2024-07-07 121557.png
    17.9 KB · Views: 22
And as I expected the order change of my sub bridges yields the right DNS server being in the GUI. I do not know about anyone else but this is a bug in my humble opinion. During the installation you set the DNS server explicitly. It should honor this!
 
Ah, I see your issue.
You are telling your server to get it's IP-settings from DHCP...
A small quiz:
Q: What does it get from DHCP?
A: IP, Subnet-mask, Gateway, DNS-Server and optionally other DHCP-options.

So it basically is doing exactly what you are telling it to do ;)

Your options are:
1. (Best option IMO): Set a static IP-address for both interfaces (in the correct range) that is outside of the DHCP-Range, and also one on your PBS (different from PVE of course), which I expect you have set the same.
2. Change the DHCP-Client settings to ignore / not get the DNS-Server settings.

Edit: Typo's and additions
 
Last edited:
Is DHCP doing what I am telling it to do...yes. Is PVE or PBS honoring this...absolutely no! PVE and PBS are making an arbitrary decision to pull the DNS settings from the last Linux sub bridge setting. This should not be happening.

Attached are the DHCP settings for my iSCSI VLAN. Notice there is nothing in the DNS Server section, so PVE and PBS are pulling the gateway and making it the DNS server...thats bogus in my mind.

I use DHCP reservations, which makes everything really easy to identify and keep track of. If I set a static IP then I have no place on my router where that static set device shows up. Its easy to look at my DHCP listing for all the devices in my local network.
 

Attachments

  • Screenshot 2024-07-07 122706.png
    Screenshot 2024-07-07 122706.png
    34.9 KB · Views: 16
Ah, but that's not proxmox issue but an opnsense-issue.
If you click the (i) next to the DNS-servers it says the following:
Leave blank to use the system default DNS servers: This interface IP address if a DNS service is enabled or the configured global DNS servers.
Click to expand...
Meaning: Because you left it blank, it selected the default, which is the OpnSense server itself, so OpnSense is the one filling in the DNS-Server for you, then proxmox is asking for both in order, and because they both get DNS options, the "last" one overwrites the previous one.
Is that wanted? In your case not, but then again you have (in my opinion) a bit of an unusual setup, with having multiple ports requesting multiple DNS-entries.

What you could do is one of the following:
  1. In the opnsense iscsi dhcp set the DNS of the primairy dns.
  2. Set static IP's
  3. Disable the requesting of DNS all-together with the link I provided in the second smaller post (#8)
 

Attachments

  • dns-opnsense.png
    dns-opnsense.png
    9.2 KB · Views: 6
Last edited:
sw-omit said:
Ah, but that's not proxmox issue but an opnsense-issue.
If you click the (i) next to the DNS-servers it says the following:

Meaning: Because you left it blank, it selected the default, which is the OpnSense server itself, so OpnSense is the one filling in the DNS-Server for you, then proxmox is asking for both in order, and because they both get DNS options, the "last" one overwrites the previous one.
Is that wanted? In your case not, but then again you have (in my opinion) a bit of an unusual setup, with having multiple ports requesting multiple DNS-entries.

What you could do is one of the following:
  1. In the opnsense iscsi dhcp set the DNS of the primairy dns.
  2. Set static IP's
  3. Disable the requesting of DNS all-together with the link I provided in the second smaller post (#8)
Click to expand...

As you mention its going to take the system default DNS server. I am using Unbound and this would be the right IP I would want. That is not happening...still a bug IMHO. To get around this I will update the storage vlan with the right IP and all done. I should not have to do this.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back