Login

u/Dry-Industry3797

▲ 2 r/netbird

Nameserver not set on host when running Netbird in a docker container

I have the following Netbird docker container running:

name: vpn

services:
  netbird:
    image: netbirdio/netbird:latest
    hostname: nyggivegur19
    restart: unless-stopped
    privileged: true
    cap_add:
      - NET_ADMIN
      - SYS_ADMIN
      - SYS_RESOURCE
    network_mode: host
    volumes:
      - ./data:/var/lib/netbird
    command: ["up"]

I also have a working nameserver. This can be seen by viewing the `/etc/resolv.conf` file inside of the container:

othenone@my-server:~$ sudo docker exec vpn-netbird-1 cat /etc/resolv.conf
# Generated by NetBird
# The original file can be restored from /etc/resolv.conf.original.netbird
options edns0 trust-ad
search netbird.cloud home
nameserver 100.101.239.82

And using names provided by the nameserver works within the container:

othenone@my-server:~$ sudo docker exec vpn-netbird-1 ping nas.server.home
PING nas.server.home (192.168.7.153): 56 data bytes
64 bytes from 192.168.7.153: seq=0 ttl=63 time=50.412 ms
64 bytes from 192.168.7.153: seq=1 ttl=63 time=50.261 ms
64 bytes from 192.168.7.153: seq=2 ttl=63 time=49.412 ms
64 bytes from 192.168.7.153: seq=3 ttl=63 time=49.248 ms

But outside of the container, the nameserver configuration is not applied:

othenone@my-server:~cat /etc/resolv.conf
# This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8).
# Do not edit.
#
# This file might be symlinked as /etc/resolv.conf. If you're looking at
# /etc/resolv.conf and seeing this text, you have followed the symlink.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs should typically not access this file directly, but only
# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a
# different way, replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.
nameserver 127.0.0.53
options edns0 trust-ad
search home

And therefore, the names from the nameserver do not work:

othenone@my-server:~$ ping nas.server.home 
ping: nas.server.home: Name or service not known

Is this intended behaviour? Or is this a bug? If it's intended behaviour, what is the recommended way of setting the nameserver on the host when using Netbird in a docker container?

reddit.com
u/Dry-Industry3797 — 8 days ago