• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

DNS Forwarder works but DNS Resolver do not work with docker container.

Scheduled Pinned Locked Moved DHCP and DNS
2 Posts 2 Posters 745 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • F
    Fandangos
    last edited by Mar 5, 2022, 11:36 AM

    Hi,

    This is my first post here and I've been using pfsense for a week now, so I'm a noob asking this:

    I have a NAS server running Unraid and a Emby docker container.
    The problem I'm facing is that Emby can't resolve any DNS, so it can't access themoviedb to retrive movie information.

    After days trying to understand what was going on I was able to fix it on the server side, by adding --dns (some dns server) as extra parameters before starting the docker but I wanted to fix it in a proper way, not a workaround.

    So I've found that I can fix it if I disable the DNS Resolver service and instead use the DNS Forwarder.

    My question is basically, why? Why DNS Resolver might be blocking the requests from docker containers?
    I can ping just fine from a SSH shell inside my Unraid NAS box, so it's just the container.

    And since I'm asking this question, I would like to ask:
    I understand DNS Resolver is great because there's no need for external servers providing the IP for an address, it can resolve it somehow (I have no idea how it's done).
    My other question is: is DNS Resolver faster compared to DNS Forwarder?

    My ISP DNS is fast, I get less than 5 ms when testing it.

    Should I try to fix the DNS Resolver and use it instead of DNS Forwarder in my scenario?

    Thanks to anyone with the patience to read my lenght question and replying to it.

    V 1 Reply Last reply Mar 7, 2022, 8:54 PM Reply Quote 0
    • V
      viragomann @Fandangos
      last edited by Mar 7, 2022, 8:54 PM

      @fandangos said in DNS Forwarder works but DNS Resolver do not work with docker container.:

      So I've found that I can fix it if I disable the DNS Resolver service and instead use the DNS Forwarder.
      My question is basically, why? Why DNS Resolver might be blocking the requests from docker containers?

      The Resolver uses an access control list. By default all local networks assigned to pfSense interfaces are allowed to access it.
      If you want other devices to access the Resolver you have to add the IPs or networks to the ACL on the Access Lists tab.

      So check how the docker requests the DNS server and if it either does at all.

      I understand DNS Resolver is great because there's no need for external servers providing the IP for an address, it can resolve it somehow (I have no idea how it's done).

      The DNS Resolver uses root DNS servers by default. You cannot configure them by yourself. However, in forwarder mode it uses the servers you've entered in System > General or even the ones configured by DHCP if applicable and you allow to override your settings.

      is DNS Resolver faster compared to DNS Forwarder?

      The Resolver caches host name IP pairs. So when you resolve a cached host name it would be faster naturally. Otherwise it won't really be.

      1 Reply Last reply Reply Quote 0
      2 out of 2
      • First post
        2/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received