Create DNS proxy using Host resolving API

[Rich McAllister]

After upgrading from VirtualBox 2.2.x to 3.0.2 on an Ubuntu 9.04 host, the WinXP guest using NAT networking and DHCP no longer could resolve DNS names. Checking ipconfig showed the DNS server list was empty. Since my host runs a caching/forwarding BIND server, I had left /etc/resolv.conf empty (no "nameserver" entries), depending on the default resolver library behavior of using the loopback address if nothing else is specified. After changing /etc/resolv.conf to contain nameserver entries for 127.0.0.1 and the servers I normally forward to, VBox DHCP correctly fed the NAT gateway address and the forwarding servers to the guest, and everything was fine.

This host config did work prior to upgrading to 3.0.2; I suspect there used to be a special case to handle no nameserver entries in /etc/resolv.conf that somehow got broken by some other change.

[vasily Levchenko]

please attach the log file. I can't reproduce it here, host's 127.0.0.1 entry correctly is mapping into 10.0.2.2 entry. your problem might be caused by other conditions. The ​pcap file will be helpful as well.

[Rich McAllister]

pcap trace of failing DHCP

[Rich McAllister]

Never could get the nictrace to run with the released version; finally made a dbgopt build and got one, now attached. (I also have some logs generated with drv_nat selected, let me know if you'd like to see those.) Looking at the code, I can't see where a DNS server entry is ever generated if there are no "nameserver" lines at all in resolv.conf. In the particular case I have, /etc/resolv.conf contains only a comment (left over from Ubuntu's network-manager, which I've removed.)

(I've now spent enough time looking at the code I'm going to try to gen up a patch.)

[vasily Levchenko]

Replying to rfm:

Never could get the nictrace to run with the released version; finally made a dbgopt build and got one, now attached. (I also have some logs generated with drv_nat selected, let me know if you'd like to see those.) Looking at the code, I can't see where a DNS server entry is ever generated if there are no "nameserver" lines at all in resolv.conf. In the particular case I have, /etc/resolv.conf contains only a comment (left over from Ubuntu's network-manager, which I've removed.)

What behavior do you expect in case of empty resolv.conf file? We're planing in 3.1, using proxy using host resolving api. Before 2.2 Vbox sends 10.0.2.3 as proxy to first entry of resolv.conf. Current dns proxy in case you're using it mapps 10.0.2.3 to entries in resolv.conf or registered in the system.

(I've now spent enough time looking at the code I'm going to try to gen up a patch.)

if you're going to gen the patch it'd be better to make it as an module to libalias like src/VBox/Devices/Network/slirp/libalias/alias_ftp.c and wth corresponded changes in udp_input.c

[Rich McAllister]

The behavior I expect with an empty resolv.conf (really, one with no "nameserver" lines) is the same behavior as libresolv/glibc implements: use 127.0.0.1. That is, a empty resolv.conf gives the same behavior as a resolv.conf containing "nameserver 127.0.0.1". Of course, the guest can't get at the host's loopback, so the loopback needs to get mapped to the host alias on the NAT net, which already happens in the case of an explicit "nameserver 127.0.0.1" but not in the case of no "nameserver" entries at all. The patch I had envisioned would simply have done the same thing in both cases.

But if the 3.1-ish plan is to simply proxy all NAT guest DNS requests by host resolve API calls, I will automatically get my desired behavior of following what the host resolve API does, which makes my proposed patch pretty short-term. Since there's an easy workaround ("put 'nameserver 127.0.0.1' in resolv.conf") I think it's best to shelve this ticket until 3.1 (or whatever release gets the new proxy code) appears and close it then.

[vasily Levchenko]

duplicate of #3847