VMware Communities
xerces8
Enthusiast

NAT: DNS returns bogus entries

Almost the same thing as a few years ago happened:

server 1.0.10 NAT: DNS not working

xerces8 wrote (Nov 2, 2009 1:40 PM):

I just updated VMware Server from 1.0.9 to 1.0.10 and now DNS does not work in guests that have NAT networking set up.

Tried Ubuntu 9.04 and 9.10, also Windows XP. All using default (automatic) network settings.

I can ping any numerical address, but DNS resolution does not work.

If I set manually a DNS server offered by my ISP in the guests, then it works.

Is this some regression with 1.0.10? I'm sure the same VM worked before the update.

Regards,

David

This time I was using VMware Player 5.0.2 on Windows 8 Pro 64 bit.

I had a few VMs working fine.

Then I updated to Player 6.0.0, created a new VM for Windows 8 and installed Windows 8.1 Preview into it.

There I noticed that DNS does not work:

- ping 8.8.8.8 (Google's DNS server) - works

- nslookup www.najdi.si returns:

C:\Users\stein>nslookup www.najdi.si

Server:  UnKnown

Address:  192.168.91.2

Name:    www.najdi.si.localdomain

Addresses:  89.143.229.238

- ping www.najdi.si gives:

Ping request could not find host www.najdi.si. Please check the name and try again.

- ipconfig /all output:

C:\Users\stein>ipconfig /all

Windows IP Configuration

  Host Name . . . . . . . . . . . . : clearblue

  Primary Dns Suffix  . . . . . . . :

  Node Type . . . . . . . . . . . . : Hybrid

  IP Routing Enabled. . . . . . . . : No

  WINS Proxy Enabled. . . . . . . . : No

  DNS Suffix Search List. . . . . . : localdomain

Ethernet adapter Ethernet0:

  Connection-specific DNS Suffix  . : localdomain

  Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connectio

n

  Physical Address. . . . . . . . . : 00-0C-29-7A-CD-FB

  DHCP Enabled. . . . . . . . . . . : Yes

  Autoconfiguration Enabled . . . . : Yes

  Link-local IPv6 Address . . . . . : fe80::8c9b:97f9:f57a:3e7c%5(Preferred)

  IPv4 Address. . . . . . . . . . . : 192.168.91.128(Preferred)

  Subnet Mask . . . . . . . . . . . : 255.255.255.0

  Lease Obtained. . . . . . . . . . : 22. september 2013 3:17:54

  Lease Expires . . . . . . . . . . : 22. september 2013 3:47:53

  Default Gateway . . . . . . . . . : 192.168.91.2

  DHCP Server . . . . . . . . . . . : 192.168.91.254

  DHCPv6 IAID . . . . . . . . . . . : 83889193

  DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-CF-F0-F8-00-0C-29-7A-CD-FB

  DNS Servers . . . . . . . . . . . : 192.168.91.2

  Primary WINS Server . . . . . . . : 192.168.91.2

  NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.localdomain:

  Media State . . . . . . . . . . . : Media disconnected

  Connection-specific DNS Suffix  . : localdomain

  Description . . . . . . . . . . . : Microsoft ISATAP Adapter

  Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

  DHCP Enabled. . . . . . . . . . . : No

  Autoconfiguration Enabled . . . . : Yes

An Ubuntu guest VM also had problems with DNS resolution (worked fine before), so I decided to revert back to Player version 5.0.2.

It did not help, so I uninstalled it, cleaned up ( "Manually cleaning a Windows system" at VMware KB: Cleaning up after an incomplete uninstallation on a Windows host ) and then reinstalled Player v5.0.2.

After that a quick test with http://www.sysresccd.org ISO worked, but when I tried the Windows 8.1 VM the problems started again.

I started the SystemRescueCd again and I got:

% ping rtv.si

PING rtv.si.localdomain (91.185.213.134) 56(84) bytes of data.

64 bytes from 91.185.213.134: icmp_seq=1 ttl=128 time=13.1 ms

64 bytes from 91.185.213.134: icmp_seq=2 ttl=128 time=13.9 ms

This is slightly better, but still not correct (it should say "PING rtv.si", not "PING rtv.si.localdomain").

It seems the DNS server of VMware Player is sending broken replies.

Any idea how to resolve this?

8 Replies
xerces8
Enthusiast

Now it is even worse. I started a VM with the SystemRescueCD and now it is like this:

% ping rtv.si

ping: unknown host rtv.si

% nslookup rtv.si

Server:  192.168.159.2

Address:  192.168.159.2#53

** server can't find rtv.si: NXDOMAIN

% nslookup rtv.si 8.8.8.8

Server:  8.8.8.8

Address:  8.8.8.8#53

Non-authoritative answer:

Name:    rtv.si

Address:  91.185.213.134

% ping rtv.si

PING 91.185.213.134 (91.185.213.134) 56(84) bytes of data.

64 bytes from 91.185.213.134: icmp_seq=1 ttl=128 time=13.9 ms

So IP networking works, just the DNS server presented by VMware Player is broken.

I'm open for ideas...

xerces8
Enthusiast

Here is some debug output using dig and host (192.168.159.2 is the DNS server address as sent by DHCP):

$ host -v  www.google.com

Trying "www.google.com"

Received 32 bytes from 127.0.1.1#53 in 15 ms

Trying "www.google.com.localdomain"

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30063

;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:

;www.google.com.localdomain.    IN    A

;; ANSWER SECTION:

www.google.com.localdomain. 5    IN    A    173.194.35.179

Received 60 bytes from 127.0.1.1#53 in 14 ms

Trying "www.google.com.localdomain"

Host www.google.com.localdomain not found: 5(REFUSED)

Received 44 bytes from 127.0.1.1#53 in 31 ms

Trying "www.google.com.localdomain"

Host www.google.com.localdomain not found: 5(REFUSED)

Received 44 bytes from 127.0.1.1#53 in 16 ms

$ host -v  www.google.com 8.8.8.8

Trying "www.google.com"

Using domain server:

Name: 8.8.8.8

Address: 8.8.8.8#53

Aliases:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42891

;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:

;www.google.com.            IN    A

;; ANSWER SECTION:

www.google.com.        134    IN    A    173.194.70.104

www.google.com.        134    IN    A    173.194.70.106

www.google.com.        134    IN    A    173.194.70.105

www.google.com.        134    IN    A    173.194.70.99

www.google.com.        134    IN    A    173.194.70.147

www.google.com.        134    IN    A    173.194.70.103

Received 128 bytes from 8.8.8.8#53 in 34 ms

Trying "www.google.com"

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37509

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:

;www.google.com.            IN    AAAA

;; ANSWER SECTION:

www.google.com.        300    IN    AAAA    2a00:1450:4001:c02::68

Received 60 bytes from 8.8.8.8#53 in 48 ms

Trying "www.google.com"

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35903

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:

;www.google.com.            IN    MX

;; AUTHORITY SECTION:

google.com.        60    IN    SOA    ns1.google.com. dns-admin.google.com. 1533863 7200 1800 1209600 300

Received 82 bytes from 8.8.8.8#53 in 36 ms

$ host -v  www.google.com 192.168.159.2

Trying "www.google.com"

Received 32 bytes from 192.168.159.2#53 in 15 ms

Trying "www.google.com.localdomain"

Using domain server:

Name: 192.168.159.2

Address: 192.168.159.2#53

Aliases:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34254

;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:

;www.google.com.localdomain.    IN    A

;; ANSWER SECTION:

www.google.com.localdomain. 5    IN    A    173.194.35.178

Received 60 bytes from 192.168.159.2#53 in 13 ms

Trying "www.google.com.localdomain"

Host www.google.com.localdomain not found: 5(REFUSED)

Received 44 bytes from 192.168.159.2#53 in 15 ms

Trying "www.google.com.localdomain"

Host www.google.com.localdomain not found: 5(REFUSED)

Received 44 bytes from 192.168.159.2#53 in 15 ms

$ dig  www.google.com

; <<>> DiG 9.9.2-P1 <<>> www.google.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 21052

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; MBZ: 0005 , udp: 4096

;; QUESTION SECTION:

;www.google.com.            IN    A

;; Query time: 16 msec

;; SERVER: 127.0.1.1#53(127.0.1.1)

;; WHEN: Sun Sep 29 19:56:07 2013

;; MSG SIZE  rcvd: 43

$ dig @8.8.8.8  www.google.com

; <<>> DiG 9.9.2-P1 <<>> @8.8.8.8 www.google.com

; (1 server found)

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5098

;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 512

;; QUESTION SECTION:

;www.google.com.            IN    A

;; ANSWER SECTION:

www.google.com.        94    IN    A    173.194.70.104

www.google.com.        94    IN    A    173.194.70.106

www.google.com.        94    IN    A    173.194.70.105

www.google.com.        94    IN    A    173.194.70.99

www.google.com.        94    IN    A    173.194.70.147

www.google.com.        94    IN    A    173.194.70.103

;; Query time: 34 msec

;; SERVER: 8.8.8.8#53(8.8.8.8)

;; WHEN: Sun Sep 29 19:55:52 2013

;; MSG SIZE  rcvd: 139

$ dig @192.168.159.2   www.google.com

; <<>> DiG 9.9.2-P1 <<>> @192.168.159.2 www.google.com

; (1 server found)

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 53146

;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; MBZ: 0005 , udp: 4096

;; QUESTION SECTION:

;www.google.com.            IN    A

;; Query time: 16 msec

;; SERVER: 192.168.159.2#53(192.168.159.2)

;; WHEN: Sun Sep 29 20:04:26 2013

;; MSG SIZE  rcvd: 43

xerces8
Enthusiast

Here is the same problem reported by someone else in 2010, it also has packet captures: http://www.enchantedage.com/vmware-bad-dns-1

Basically the DNS server returns ERROR REFUSED (Flags: 0x8185 (Standard query response, Refused))

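An added example, not part of any post in this thread: the Python below decodes the DNS header values reported above (`0x8185` from the linked capture, `qr rd` with REFUSED from `dig @192.168.159.2`, and `qr aa` from `host -v`) and names the symptom each one shows. The function names are hypothetical, the messages are constructed from those values with header and question only, and the ID `1` for the capture case is a placeholder.

```python
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}

def parse_response(msg: bytes) -> dict:
    """Decode the 12-byte DNS header and the first question name (RFC 1035)."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    ident, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    labels, pos = [], 12
    while qd and pos < len(msg) and msg[pos] != 0:
        n = msg[pos]
        if n & 0xC0 or pos + 1 + n > len(msg):
            raise ValueError("compressed or truncated question name")
        labels.append(msg[pos + 1:pos + 1 + n].decode("ascii", "replace"))
        pos += 1 + n
    return {"id": ident, "aa": bool(flags & 0x0400), "rd": bool(flags & 0x0100),
            "ra": bool(flags & 0x0080), "rcode": RCODES.get(flags & 0xF, str(flags & 0xF)),
            "answers": an, "qname": ".".join(labels)}

def diagnose(r: dict, search_suffix: str = "localdomain") -> list:
    """Name the symptoms seen in this thread for one decoded response."""
    findings = []
    if r["rcode"] == "REFUSED":
        findings.append("upstream or forwarder refused the query")
    if r["rd"] and not r["ra"]:
        findings.append("recursion requested but not available")
    name = r["qname"].lower()
    if r["answers"] and name.endswith("." + search_suffix) and name.count(".") > 1:
        findings.append("answer given for search-suffixed name")
    return findings

def sample(ident: int, flags: int, qname: str, ancount: int = 0) -> bytes:
    """Constructed message: header and question only, record sections omitted."""
    q = b"".join(bytes([len(l)]) + l.encode() for l in qname.split(".")) + b"\x00"
    return struct.pack("!6H", ident, flags, 1, ancount, 0, 0) + q + struct.pack("!2H", 1, 1)

if __name__ == "__main__":
    cases = [(53146, 0x8105, "www.google.com", 0),             # dig @192.168.159.2
             (1, 0x8185, "www.google.com", 0),                  # flags from the linked capture
             (34254, 0x8400, "www.google.com.localdomain", 1)]  # host -v, flags "qr aa"
    for c in cases:
        r = parse_response(sample(*c))
        print(hex(c[1]), r["rcode"], r["qname"], diagnose(r))
```

To use it on live traffic, pass `parse_response` the raw UDP payload of a reply taken from a packet capture on the guest or the host.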
xerces8
Enthusiast

I did a packet capture on the host system and it turns out VMware Player sends the DNS queries to a DNS server of a competing ISP, which answers with REFUSED.

So my host (192.168.222.117) is connected via wired LAN to my home router (192.168.222.1), which is connected to a DSL modem.

My host sends all "normal" DNS queries to 192.168.222.1, which forwards them to the ISP DNS server (84.x.y.z).

And the reply comes in the opposite direction. No errors.

But when a VMware guest sends a DNS query to 192.168.111.2 (the DNS server address sent by DHCP from VMware Player), VMware sends that query to 213.u.w.v (DNS server of a different ISP in the same country).

Which sends a reply with status REFUSED.

It is bizarre. Why would VMware send DNS queries to anything but the system-configured DNS server????

Anyone?

xerces8
Enthusiast

In the network settings of VMware, under NAT Settings ... / DNS Settings... , I turned off the option "Auto detect available DNS servers" and entered 192.168.222.1 (my system DNS server).

Now everything works OK.

It seems the auto detect code has some problems.

lukas_ruf
Contributor

I do experience exactly the same problems: Host Win7, 64bit; Guests: Various

When Windows installed the November Patches on Tuesday two weeks ago, VMware stopped handling the DNS requests via VMNet8 correctly.

While I could handle DNS requests in a private network easily by statically configuring the DNS server, this approach does not work when travelling with changing settings.

I presume that DNS-handling code in VMNet8 is not compatible with the latest patches by Microsoft.

A workaround for me -- working but not convenient -- is the use of a VPN tunnel to my corporate network with statically configuring the DNS server of the company.

trollfar
Contributor

I have the same problem now and then. I think it is because I got the server on my laptop (with guests having different OSes and different versions of our product) and then I use the laptop on 3G, at home, or at some customer office.

It seems the built-in DNS relay in the VMware network does not refresh DNS settings. Does anybody know how to force it? Or to make it pass the DNS lookups through to the host operating system (Windows)?

EfiVg
Contributor

Had the exact same issue a few days ago. This is how I solved it.

In VMware I clicked on Edit > Virtual Network Editor

Clicked on the third one (NAT) then NAT settings then DNS settings.

Unchecked "Auto detect available DNS servers" and set manually two DNS servers. First one should be 8.8.8.8 (Google DNS server)

Then I tried to ping google.com and everything worked great without that "localdomain" which makes everything slower. 

The next morning I went back, removed those DNS servers and checked "Auto detect available DNS servers" again.

I guess that refreshed the DNS inside the Linux and fixed the issue because now everything works normally.
