No VM/CT DNS resolving on fresh install

wolframio

Member
Dec 15, 2021
53
5
13
41
Hi there, this is my first time installing Proxmox, i put the latest version on a DELL C1100 server with 3 network cards but only one have a network cable connected.

After the install i made changes to apt repos for non-suscription then try an "apt dist-upgrade" and everything finish OK, so the machine and the OS have a healthy internet access.

The problem is when i create a Virtual Machine or Container, after that i start one, try to install anything via apt and apt cant connect to servers.

Inside VM/CT, i can ping my router ip and others external ips like 8.8.8.8 and i get a good response, but if i ping a domain like google.com i get no response.

Any ideas?

First time using proxmox, sorry for my english, i speak spanish. Thanks!
 
Looks like the VM/CT is not able to resolve DNS names.

For the containers, the network settings is setup from Proxmox (please post container configuration pct config CTID and /etc/resolv.conf of the container).
 
Code:
root@CT100:~# cat /etc/resolv.conf
# --- BEGIN PVE ---
search lan
nameserver 8.8.8.8
nameserver 8.8.4.4
# --- END PVE ---

I use DHCP on all machines. i dont know what "pct config CTID" is.

EDIT:
This?
Code:
root@pve:~# pct config 100
arch: amd64
cores: 4
hostname: CT100
memory: 512
net0: name=eth0,bridge=vmbr0,hwaddr=6E:0E:30:E8:AA:A9,ip=dhcp,ip6=dhcp,type=veth
ostype: ubuntu
rootfs: local-lvm:vm-100-disk-0,size=8G
swap: 512
root@pve:~#
 
Last edited:
Can you ping 8.8.8.8 and 8.8.4.4? You can use dig or nslookup to test if you can reach those DNS servers. Which is the exact error you are having with apt?
Code:
root@CT100:~# apt update
Err:1 http://archive.ubuntu.com/ubuntu focal InRelease
  Temporary failure resolving 'archive.ubuntu.com'
Err:2 http://archive.ubuntu.com/ubuntu focal-updates InRelease
  Temporary failure resolving 'archive.ubuntu.com'
Err:3 http://archive.ubuntu.com/ubuntu focal-security InRelease
  Temporary failure resolving 'archive.ubuntu.com'
Reading package lists... Done       
Building dependency tree... Done
All packages are up to date.
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/focal/InRelease  Temporary failure resolving 'archive.ubuntu.com'
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/focal-updates/InRelease  Temporary failure resolving 'archive.ubuntu.com'
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/focal-security/InRelease  Temporary failure resolving 'archive.ubuntu.com'
W: Some index files failed to download. They have been ignored, or old ones used instead.
root@CT100:~#
Code:
root@CT100:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=117 time=5.19 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=117 time=5.13 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=117 time=5.27 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=117 time=5.89 ms
64 bytes from 8.8.8.8: icmp_seq=5 ttl=117 time=4.66 ms
^C
--- 8.8.8.8 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4005ms
rtt min/avg/max/mdev = 4.655/5.226/5.892/0.395 ms
root@CT100:~#
Code:
root@CT100:~# dig 8.8.8.8

; <<>> DiG 9.16.1-Ubuntu <<>> 8.8.8.8
;; global options: +cmd
;; connection timed out; no servers could be reached

root@CT100:~#
Code:
root@CT100:~# nslookup 8.8.8.8
8.8.8.8.in-addr.arpa    name = dns.google.

Authoritative answers can be found from:

root@CT100:~# nslookup 8.8.8.8
;; connection timed out; no servers could be reached
*** NOTE THIS: I DID nslookup two times an get two different response.
 
Definitely you have DNS issues. Does not seem to be the case, but try disabling IPv6 on the CT and restar the CT (stop + start), just in case there is some IPv6 DHCP server on vmbr0 network which could be introducing some route which the CT might prefer over the IPv4 one.

Maybe some device is filtering your traffic out, maybe the router or a firewall. I mean, if you can ping an IP there is connectivity and the network configuration is ok. If you can't access that IP services (DNS of 8.8.8.8 in this case) something must be blocking such traffic.
 
Definitely you have DNS issues. Does not seem to be the case, but try disabling IPv6 on the CT and restar the CT (stop + start), just in case there is some IPv6 DHCP server on vmbr0 network which could be introducing some route which the CT might prefer over the IPv4 one.

Maybe some device is filtering your traffic out, maybe the router or a firewall. I mean, if you can ping an IP there is connectivity and the network configuration is ok. If you can't access that IP services (DNS of 8.8.8.8 in this case) something must be blocking such traffic.
How do i disable IPv6?

also i tried disabling the Firewall of my ISP router/modem combo, setting DMZ to the IP of the server, nothing work...

i have like 30 devices on the same network (phones, consoles, TVs, servers, nas, pc, raspberry, etc) and none of them have problems with DNS.

i even test ESXi on the same machine before proxmox and DNS works well.


thanks.
 
Last edited:
Any other advice? i did a fresh install of ESXi 6.7 with a free license, make a debian 11 vm and dns/internet work without any problems,
 
May I take a look at a packet capture in the VM?

  1. Set *no* DNS server in that VM. This will avoid system DNS requests to show in the capture.
  2. Install wireshark in the Windows VM and set filters to capture all traffic to your LAN DNS server only.
  3. Start wireshark capture.
  4. Open cmd prompt, start "nslookup" and type server YOUR.DNS.SERVER.IP+intro
  5. Type www.google.com + intro
  6. Type www.nba.com + intro
  7. Type www.times.com + intro
  8. Stop Wireshark capture. Save to .pcapng file and upload it somewhere so I cat get it.
Would be nice if you could capture the same traffic in the DNS server, but I understand that might not be possible. Maybe you can install another DNS server in your LAN for this test.

This has never happend to me (yet?) nor any of my colleages, so I'm going to need to dig deeper to find what could be going on.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!