On Wed, Sep 18, 2024 at 10:58:44AM +1000, David Gibson wrote:
> On Tue, Sep 17, 2024 at 03:22:04PM +0000, Castelli, Anton wrote:
> > David,
> > Thank you very much for the quick reply!
> > I tried querying the DNS with TCP and it worked correctly, using the VRRP address in the reply packet. Unfortunately, UDP is the default for DNS queries.
>
> Right.
>
> > Thanks for the advice about the options and the workaround. I had just copied them from the Podman docs and modified them slightly. I tried the '--publish 10.1.1.1:53:53/udp --publish 10.1.1.2:53:53/udp' options, and it worked great on the primary server that had the active VRRP address. I was able to query both the regular and VRRP addresses and get a response. Unfortunately, when I tried the same on the secondary server that doesn't have the VRRP address, it refused to bind to the non-existent '10.1.1.2' address.
>
> Ah, right, of course. I was just thinking about the primary, and didn't consider how the secondaries would also need to listen on that address at some future time.
>
> > I tried with both the publish options and got an error (10.1.1.3 is the regular IP of the secondary server).
> > --publish 10.1.1.3:53:53/udp --publish 10.1.1.2:53:53/udp
> > Error: unable to start container "XXXX": pasta failed with exit code 1: Altering mapping of already mapped port number: 10.1.1.2/53-53:53-53
>
> This looks like a different bug - although one that I think will be fixed by some work that's pretty close to the top of my queue. It's not all that relevant for your case right now, because..

I just had a closer look at the code which produces this error. The error is not really correct here - it is a bug. However, it's issued as only a warning and I think this shouldn't actually break anything for your situation (assuming we can work around the other issues).

-- 
David Gibson (he or they)      | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you, not the other way
                               | around.
http://www.ozlabs.org/~dgibson