Dear Qubes users, today DNS lookup temporarily failed in my Debian AppVMs attached to sys-firewall. I took a look at /etc/resolv.conf and it lists the nameservers 10.139.1.1 10.139.1.2 Qubes Manager shows no VMs with that address, sys-firewall has 10.137.0.6 and sys-net has 10.137.0.5. Editing /etc/resolv.conf to use external nameservers restored DNS lookup, but that is certainly not how it is supposed to be. After a fedora-30 update and re-start of the physical machine, DNS lookup works again, even with the seemingly non-existent nameserver. sys-net lists my DSL router as nameserver. Name resolution worked on other devices attached to the router.
What is going on here? (I already looked at the networking documentation at qubes-os.org.) Reading /usr/lib/qubes/qubes-setup-dnat-to-ns it seems that some iptables rules are set on VM boot that redirect port 53 requests, but I can't get iptables inside the AppVM to divulge these rules. Hence I wonder how to debug this if the issue should happen again. Thanks, Olaf -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/438b854d30facc493a4a7be72519a64c185e8715.camel%40aatal-apotheke.de.
