SOLVED DNS works on my NAS, but not within applications

[Bazoogle]

I recently setup my TrueNAS scale, it's on the most recent version, and I seem to run into issue after issue. Right now, the DNS is not working within my applications, but works within the main shell.

TrueNAS Shell

Application Pod Shell

I am not as familiar with linux, and have no idea why this would happen. My programs are installed through TrueCharts because I have had better luck with programs installed through that, but it happens with apps installed from official charts too. I manually set my IP and DNS in the network settings on TrueNAS.

If I were to try and update the gravity in pihole, it gives me a DNS resolution error. I cannot connect to any external site on any of my apps.

 

[artlessknave]

did you set your network settings in the webUI? don't use the CLI. any settings there can revert at any time.
screens of the webUI instead of resolv.conf would make more sense.

you should also post your hardware, as that's a forum rule.

 

[Bazoogle]

did you set your network settings in the webUI? don't use the CLI. any settings there can revert at any time.
screens of the webUI instead of resolv.conf would make more sense.

you should also post your hardware, as that's a forum rule.

I set it using the web interface.

 

[artlessknave]

your "pod shell" IP looks like its probably private. i would speculate that when you created the container, it was created with local networking only?

it's trying to reach 172.17.0.10 for DNS. what is that? does it exist?

 

[Bazoogle]

your "pod shell" IP looks like its probably private. i would speculate that when you created the container, it was created with local networking only?

it's trying to reach 172.17.0.10 for DNS. what is that? does it exist?

It was the default value when setting up... something. It does not mean anything to me. I remember seeing it in a box, not thinking much about it because I didn't know what it was, so I left it default. I've left most settings default because, while I have IT experience, this is all a new area for me. I've been doing so much configuration, I don't remember where I saw it, and I'm trying to find it again. I'll see if I can find it and potentially change the value

 

[artlessknave]

also, your desktop mobo is a realtek. it's very possible there is something about it preventing the kind of shared access this would likely need.
it *should* work but realtek is known for being unreliable.

 

[Bazoogle]

Okay, I found it. It's under "Apps"-> "Settings" -> "Advanced Settings" there was:

• "Cluster CIDR" set to 172.16.0.0/16
• "Service CIDR" set to 172.17.0.0/16
• "Cluster DNS IP" set to 172.17.0.10

So I clearly see the Cluster DNS IP is what it's using for DNS, but why would it use that as default? I'm also not positive I know what a CIDR is. Is there a recommend value for that, or should I just set it to Google DNS? I does have the disclaimer "Changing settings below will result in Kubernetes cluster re-initialization deleting installed apps and their data." so I'm not positive I want to change it until I know what I should set it to

 

[artlessknave]

CIDR is a simple google seach. it doesn't really mean anything since you are running a private network.

sorry, don't know. the rest of that is the scale/docker network config. hopefully someone more familiar with Scale can help you out.

 

[Bazoogle]

I see the same issue described here where the solution seemed to be to reinstall TrueNAS with a new pool. In the thread, the original poster also does not reach a conclusion. In this thread there is a supposed work around that is highly suggested not to be used. This does not seem to be a new issue, and there has yet to be a solution, so who knows if we'll find one now.

The only thing I can things of is I encrypted my pool, and when ix-applications dataset is created it is unencrypted. Apps can access the data from other datasets, so I doubt this is the issue.

I'd obviously rather not go the destructive route of deleting everything and trying again, but I'm early enough in the setup that I guess I could.

 

[Bazoogle]

Okay, after months of work and trying different things, I fixed the issue. Here is the process and solution:

I submitted a bug report to TrueNAS because I had done everything that I could think of, and wasn't sure what else I could possibly try. The TrueNAS tech was thinking it could be something to do with the configuration. However, after everything appeared normal, he recommended I boot up a VM TrueNAS on my laptop. I had the exact same error on my laptop, so it likely wasn’t hardware or configuration related. I tested the VM on another network, and it worked perfectly. I took it back home, and it didn’t work again. That narrowed it down to my ISP or my network equipment. I had already bought a new router (a used $40 ASUS router), so I wasn’t thinking it was my equipment since I experienced the issue on both sets of equipment individually. I then thought to run the NAS through a VPN, and it worked. This further led me to believe it was my ISP. To get conclusive results, I took my laptop VM to a neighbors house who has the same ISP but different modem/router. To my surprise, it worked there. That meant it had to be my equipment. The only possible problem it could be was my original modem/router I used, since I was experiencing the issue before I bought the new router. Which is frustrating, because I've looked at all the settings and it didn't seem like there was a lot I could do. After doing a little more research, I was able to turn the modem/router into bridge mode so it acted strictly as a modem, and to my surprise (and relief) it worked. Somehow my modem/router messed up specifically cluster DNS specifically, but didn’t if it was run through a VPN. I have no idea how this happened, but now we have a potential fix for anyone else experiencing the same thing.

 

[artlessknave]

if you have an ISP gateway and then another router, you have double NAT. double NAT = bad times all around.
the most correct way is to run bridge mode on the ISP gateway to get rid of the extra NAT and use your router for the NAT.
the gateways provided by ISP's are typically pretty crappy, trying to do 5 things all in one underpowered device (router, modem, switch, webUI, Access point - some add file sharing, mesh networks, etc)
a VPN would bypass the double NAT, matching what you are describing.

 

[Bazoogle]

if you have an ISP gateway and then another router, you have double NAT. double NAT = bad times all around.
the most correct way is to run bridge mode on the ISP gateway to get rid of the extra NAT and use your router for the NAT.
the gateways provided by ISP's are typically pretty crappy, trying to do 5 things all in one underpowered device (router, modem, switch, webUI, Access point - some add file sharing, mesh networks, etc)
a VPN would bypass the double NAT, matching what you are describing.

Just to be clear, I got the second router because I was experiencing the issue. So I initially got the issue with just regular NAT on my router. It's possible the double NAT was causing issues, but it wasn't the only issue

 

[help!]

Okay, after months of work and trying different things, I fixed the issue. Here is the process and solution:

I submitted a bug report to TrueNAS because I had done everything that I could think of, and wasn't sure what else I could possibly try. The TrueNAS tech was thinking it could be something to do with the configuration. However, after everything appeared normal, he recommended I boot up a VM TrueNAS on my laptop. I had the exact same error on my laptop, so it likely wasn’t hardware or configuration related. I tested the VM on another network, and it worked perfectly. I took it back home, and it didn’t work again. That narrowed it down to my ISP or my network equipment. I had already bought a new router (a used $40 ASUS router), so I wasn’t thinking it was my equipment since I experienced the issue on both sets of equipment individually. I then thought to run the NAS through a VPN, and it worked. This further led me to believe it was my ISP. To get conclusive results, I took my laptop VM to a neighbors house who has the same ISP but different modem/router. To my surprise, it worked there. That meant it had to be my equipment. The only possible problem it could be was my original modem/router I used, since I was experiencing the issue before I bought the new router. Which is frustrating, because I've looked at all the settings and it didn't seem like there was a lot I could do. After doing a little more research, I was able to turn the modem/router into bridge mode so it acted strictly as a modem, and to my surprise (and relief) it worked. Somehow my modem/router messed up specifically cluster DNS specifically, but didn’t if it was run through a VPN. I have no idea how this happened, but now we have a potential fix for anyone else experiencing the same thing.

Mate ive got two routers on the same SSID is this what your saying? and you have dhcp off on the second non main router and your telling it to resolve at the primary routers IP?

thats wht ive got going on and i cant VPN out f true nas scale, ive bought a Router for offsite nd i have one here on a router an the one here works, so my assumption is the one off site will work and they will be able to communicate via the VPN bypassing the dual routers entirely