When I look at /etc/resolv.conf in the following VMs it says different things:
1) Normal AppVM: nameserver 10.139.1.1 nameserver 10.139.1.2 2) Sys-firewall VM: nameserver 10.139.1.1 nameserver 10.139.1.2 3) Sys-net VM: [actual resolvers] The chain for DNS packets is obviously AppVM -> Sys-firewall -> sys-net However, what I don't undersatnd is that 10.139.1.1 does not exist. That is not the IP address for any VM on the network. This canĀ be verified in Qubes Manager looking at the IP column. In addition, 10.139.1.1 refers to different VMs depending on the VM sending the packets. In AppVM it routes to sys-firewall. In sys-firewall it routes to sys-net. So, my question is how does all of this work? Where exactly does any request to 10.139.1.1 route to the actual connected VM. Looking at IP table rules I do not see where traffic sent to 10.139.1.1 goes to [sys-firewall IP here] for example. It appears to be doing it all magically, so where is the magic? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/LYegJve--3-1%40tutanota.com. For more options, visit https://groups.google.com/d/optout.
