Vagrant needs a configuration option to not globally enable the NatDNSProxy option in Virtualbox

[bmhatfield]

As seen in this pull request (#749), Vagrant will globally enable "--natdnsproxy1", "on" except if the machine has a resolv.conf that points to localhost.

Unfortunately, the natdnsproxy in Virtualbox is not very reliable. In fact, it's so bad that TCP lookups against it will fail.

For example, 'dig google.com' works fine but SOMETIMES the dnsproxy will fail and 'dig google.com +tcp' will not work.

This is a problem when issuing DNS lookups against hosts with a large response (IE, an AWS ELB or any sort of DNS load balanced service), because DNS falls back to TCP for lookups.

Thus, certain lookups through the NatDNSProxy will fail. I don't need it enabled (I don't fit the use case in the above pull request), and since it's junk, I don't want it enabled.

How can I turn it off? VirtualBox doesn't seem to like me adding a second modifyvm that adds the command again to turn it back off.

[marsmensch]

+1 for a disable/enable option

Am 11.01.2013 um 23:55 schrieb Brian Hatfield [email protected]:

As seen in this pull request
(#749#749),
Vagrant will globally enable "--natdnsproxy1", "on" except if the machine
has a resolv.conf that points to localhost.

Unfortunately, the natdnsproxy in Virtualbox is not very reliable. In fact,
it's so bad that TCP lookups against it will fail.

For example, 'dig google.com' works fine but SOMETIMES the dnsproxy will
fail and 'dig google.com +tcp' will not work.

This is a problem when issuing DNS lookups against hosts with a large
response (IE, an AWS ELB or any sort of DNS load balanced service), because
DNS falls back to TCP for lookups.

Thus, certain lookups through the NatDNSProxy will fail. I don't need it
enabled (I don't fit the use case in the above pull request), and since
it's junk, I don't want it enabled.

How can I turn it off? VirtualBox doesn't seem to like me adding a second
modifyvm that adds the command again to turn it back off.

—
Reply to this email directly or view it on
GitHubhttps://github.com//issues/1313.

[mitchellh]

Why doesn't VirtualBox like you setting it off again? What message do you get?

[bmhatfield]

@mitchellh It turns out that setting it off again is indeed working for us. I'm not sure what corner case I got myself in where it didn't work (I think applying it off again on a running VM means that the VM doesn't re-pull DHCP and doesn't re-set /etc/resolv.conf?).

So for my environment, which is somewhat complex, I have applied this against each VM definition. It's still pretty gross and I'd still like to advocate for a cleaner way of disabling it. I'd even be of mind to advocate for this not being the default, but I certainly understand the use case proposed in the original pull request.

Furthermore, I'd like to note that we were able to even further narrow this issue down - it turns out that it's only the NATDNSProxy option in the Linux VirtualBox builds that has this "TCP DNS doesn't work sometimes" issue, our Mac VBox hosts are not seeing this problem. At least VirtualBox 4.1x and 4.2x are affected.

[mitchellh]

@bmhatfield Roger. Good to hear.

I'll definitely be adding an option for this. Stand by.

[blalor]

@mitchellh I'm also looking forward to this option. Hopefully it'll help with #1172, too.

I just discovered the dns proxy thing. It's apparently been enabled since v1.0.2 and I've noticed that I still have to do service network restart on my CentOS guests when switching networks. This is with Vagrant v1.0.5, VirtualBox 4.2.4, Mac OS X 10.8.2.

[mitchellh]

I added the auto_nat_dns_proxy VirtualBox provider config to allow you to disable Vagrant automatically managing this for you. This will be available in 1.1 as a VirtualBox provider configuration that will look something like this:

config.vm.provider :virtualbox do |vb|
  vb.auto_nat_dns_proxy = false
end

I understand the syntax is foreign right now, but it will be well documented with 1.1

[blalor]

👍

[rea725]

This post is related but somewhat off-topic.

I'm trying to get an xubuntu guest Vagrant box (host = Win7) to connect using the host's proxy settings. I've been in google hell, and have thus far concluded that this may in fact be possible but I don't know what settings I need to have in my VagrantFile to attain this result. This message thread is the closest thing to possible answers supplied by people who are in a position to know.

I currently have this line in my config:
config.vm.network :hostonly, "10.42.42.2"

I've done a bunch of experimentation w/ settings such as --natdnsproxy1, but I've not found the silver bullet. I'm currently using Vagrant 1.0.7. Is my intended result attainable?

[jperry]

@mitchellh - I am using the vb.auto_nat_dns_proxy = false setting but Virtualbox still overwrites my /etc/resolv.conf file even though I bundled an updated one into our vagrant box. Any other pointers to prevent whatever is overwriting /etc/resolv.conf on boot? The only solution I have found is by making resolv.conf immutable by running this command chattr +i /etc/resolv.conf before packaging the box. I then have to reverse it in a chef recipe to avoid a failed chef run.

Thanks,
Jay

[hjr3]

@jperry I do not see this option working either. I use #1172 (comment) to work around the issue.

[blalor]

Was this ever documented? I can't find anything here: http://docs.vagrantup.com/v2/virtualbox/configuration.html

[gmanfunky]

auto_nat_dns_proxy = false does not work.

I'm not sure if this is a regression or bugged since introduction.

[scottsb]

This is old, but in case anybody else comes here wondering about the last comments about this not working: I think there was a misunderstanding about the setting's purpose. All the auto_nat_dns_proxy setting does is tell Vagrant not to attempt to set the DNS proxying/host resolver settings at all (either off or on). That means that it falls back to VirtualBox-level defaults (possibly defined at the box level--not sure). If you want to turn off all varieties of proxying you need to use the full set of:

    vb.auto_nat_dns_proxy = false
    vb.customize ["modifyvm", :id, "--natdnsproxy1", "off"]
    vb.customize ["modifyvm", :id, "--natdnshostresolver1", "off"]

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.