Jim Basilio <[email protected]> wrote: > Ahhh, I think I see. Looking closer at my last wireshark capture that I > saved, I see "ICMP/Destination unreachable (Port unreachable)" errors to > BOTH 192.168.0.2 AND 192.168.0.3. So I was getting traffic issues going to > my host DNS proxy as well as the gateway itself.
Remember that the gateway address (.2) is also an alias for the host's loopback. So packets to 192.168.0.2:53 are delivered to host's 127.0.0.1:53 (assuming those port unreachable were for the dns traffic). So if you don't have resolver listening on host's loopback you would get those. DNS proxy and host resovler (depending on which one is enabled) respond to .3:53, but only if enabled. So any chance you actually had them disabled when you tried this? Anyway, without a controlled experiment this is all speculative. If you run into this again, please, save captures. Thanks. > On Thu, May 12, 2016 at 11:43 AM Valery Ushakov <[email protected]> wrote: > >> Jim Basilio <[email protected]> wrote: >> >> > Yes, I was using both settings. I create a static ip address and setup my >> > eth0 card manually vs. having network manager or any dhcp control it. I >> > install bind9 and it bound to 127.0.0.1:53 and 192.168.0.15:53. >> > >> > In /etc/resolv.conf I set my nameserver to be 192.168.0.3. >> > In /etc/network/interfaces.d/eth0.cfg I set it to be 127.0.0.1. >> > >> > Looking at the above 2 settings I apparently had 2 different settings and >> > didn't realize it until just now. I was utilizing the host's proxied DNS >> > (192.168.0.3) in resolv.conf while the ethernet itself was confifugred to >> > use bind9. >> > >> > Dunno if that could have something to do with it .... wireshark was >> > consistently having connectivity issues with 192.168.0.2 (my gateway) .. >> > the error was ICMP/Destination unreachable (Port unreachable). I never >> had >> > DNS issues/failures how up in wireshark ... >> >> Hmm, 192.168.0.2? In your original mail you said: >> >> | If I run a wireshark capture I get loads of ICMP "Destination >> | unreachable (Port unreachable)" messages from my box (192.168.0.15) >> | to the DNS (192.168.0.3) >> >> So it's a different address (.3) and different direction, so there >> must be a typo somewhere. >> >> >> > On Wed, May 11, 2016 at 5:27 PM Valery Ushakov <[email protected]> >> wrote: >> > >> >> Jim Basilio <[email protected]> wrote: >> >> >> >> > oh, whoops! what you said about the natdnsproxy1 and >> natdnshostresolver1 >> >> > made me question my need for those. >> >> > >> >> > i removed both and pointed directly to my intranet DNS, since i've >> >> switched >> >> > to static hardcoded IP addresses and things seem to be working now! >> >> >> >> Good for you :), but I'd rather figure what the problem really was. >> >> So, did you use host resolver or dns proxy? >> >> >> >> >> >> >> I mean VirtualBox DNS proxy (--natdnsproxy1). >> >> >> >> >> >> Please, can you provide your VM .vbox file and VBox.log. Packet >> >> >> traces from the guest might also come in handy. >> >> >> >> -uwe >> >> -uwe >> >> >> >> ------------------------------------------------------------------------------ >> Mobile security can be enabling, not merely restricting. Employees who >> bring their own devices (BYOD) to work are irked by the imposition of MDM >> restrictions. Mobile Device Manager Plus allows you to control only the >> apps on BYO-devices by containerizing them, leaving personal data >> untouched! >> https://ad.doubleclick.net/ddm/clk/304595813;131938128;j >> _______________________________________________ >> VBox-users-community mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/vbox-users-community >> _______________________________________________ >> Unsubscribe: mailto:[email protected] >> ?subject=unsubscribe >> > > [-- text/html, encoding quoted-printable, charset: UTF-8, 105 lines --] > > [-- text/plain, encoding 7bit, charset: us-ascii, 6 lines --] > > ------------------------------------------------------------------------------ > Mobile security can be enabling, not merely restricting. Employees who > bring their own devices (BYOD) to work are irked by the imposition of MDM > restrictions. Mobile Device Manager Plus allows you to control only the > apps on BYO-devices by containerizing them, leaving personal data untouched! > https://ad.doubleclick.net/ddm/clk/304595813;131938128;j > [-- text/plain, encoding 7bit, charset: us-ascii, 4 lines --] > > _______________________________________________ > VBox-users-community mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/vbox-users-community -- -uwe ------------------------------------------------------------------------------ Mobile security can be enabling, not merely restricting. Employees who bring their own devices (BYOD) to work are irked by the imposition of MDM restrictions. Mobile Device Manager Plus allows you to control only the apps on BYO-devices by containerizing them, leaving personal data untouched! https://ad.doubleclick.net/ddm/clk/304595813;131938128;j _______________________________________________ VBox-users-community mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/vbox-users-community _______________________________________________ Unsubscribe: mailto:[email protected]?subject=unsubscribe
