http://bugzilla.opensuse.org/show_bug.cgi?id=1156112 http://bugzilla.opensuse.org/show_bug.cgi?id=1156112#c2 Michal Hlavac changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(miso@hlavki.eu) | --- Comment #2 from Michal Hlavac --- After restart and connected to internet: hlavki@hlknb:~> docker pull alpine Using default tag: latest Error response from daemon: Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker.io on [::1]:53: read udp [::1]:44874->[::1]:53: read: connection refused hlavki@hlknb:~> dig registry-1.docker.io ; <<>> DiG 9.11.2 <<>> registry-1.docker.io ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26682 ;; flags: qr rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;registry-1.docker.io. IN A ;; ANSWER SECTION: registry-1.docker.io. 0 IN A 34.201.196.144 registry-1.docker.io. 0 IN A 34.228.211.243 registry-1.docker.io. 0 IN A 34.232.31.24 registry-1.docker.io. 0 IN A 52.2.186.244 registry-1.docker.io. 0 IN A 52.55.198.220 registry-1.docker.io. 0 IN A 52.70.175.131 registry-1.docker.io. 0 IN A 52.87.94.70 registry-1.docker.io. 0 IN A 54.210.105.17 ;; Query time: 54 msec ;; SERVER: 192.168.10.1#53(192.168.10.1) ;; WHEN: Fri Nov 08 08:51:42 CET 2019 ;; MSG SIZE rcvd: 177 -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.opensuse.org/show_bug.cgi?id=1156112 Andrey Karepin changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |egdfree@opensuse.org -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.opensuse.org/show_bug.cgi?id=1156112 http://bugzilla.opensuse.org/show_bug.cgi?id=1156112#c5 --- Comment #5 from Aleksa Sarai --- Also sorry for not seeing this bug before, I didn't see the notification email (nor can I find it in my Archives of containers-bugowner). Odd. -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.opensuse.org/show_bug.cgi?id=1156112 http://bugzilla.opensuse.org/show_bug.cgi?id=1156112#c7 --- Comment #7 from Aleksa Sarai --- (In reply to Michal Hlavac from comment #6)

Hi Aleksa,

thanks for reply.

1. 192.168.10.1 is IP of my home router

Okay, so it's definitely the case that Docker (for whatever reason) is misunderstanding your DNS configuration.

2. Now I am out of my home network, but this problem occurs everywhere.

/etc/resolv.conf is generated:

### /etc/resolv.conf is a symlink to /var/run/netconfig/resolv.conf ### autogenerated by netconfig! # # Before you change this file manually, consider to define the # static DNS configuration using the following variables in the # /etc/sysconfig/network/config file: # NETCONFIG_DNS_STATIC_SEARCHLIST # NETCONFIG_DNS_STATIC_SERVERS # NETCONFIG_DNS_FORWARDER # or disable DNS configuration updates via netconfig by setting: # NETCONFIG_DNS_POLICY='' # # See also the netconfig(8) manual page and other documentation. # ### Call "netconfig update -f" to force adjusting of /etc/resolv.conf. nameserver 195.80.171.4 nameserver 195.28.64.119

I guess at home this file would contain "nameserver 192.168.10.1"?

I have not local DNS server. What do you mean by connect to localhost via IPv6. I tried ping and it works: hlavki@hlknb:~> ping6 ::1 PING ::1(::1) 56 data bytes 64 bytes from ::1: icmp_seq=1 ttl=64 time=0.077 ms 64 bytes from ::1: icmp_seq=2 ttl=64 time=0.070 ms

::1 is like 127.0.0.1 but for IPv6 (it's your local machine) -- it's not very surprising that you can ping it :P. I meant trying to force a DNS lookup to your localhost to see if it fails outside Docker as well. You'd do it with something like: % dig @::1 +short registry-1.docker.io But I imagine this will give you a timeout error.

3. When I restart docker daemon, it starts to work. Maybe problem is that network connection is made after docker daemon starts.

I guess Docker might cache the DNS server to try (but this happens before resolv.conf is configured) -- if you try to pull an image a few times in a row (without restarting) does it eventually work? Or is it constantly broken until you restart? -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.opensuse.org/show_bug.cgi?id=1156112 http://bugzilla.opensuse.org/show_bug.cgi?id=1156112#c9 Aleksa Sarai changed: What |Removed |Added ---------------------------------------------------------------------------- Component|Containers |Network Assignee|containers-bugowner@suse.de |screening-team-bugs@suse.de --- Comment #9 from Aleksa Sarai --- To me it looks like there's something fishy about the DNS auto-configuration of your machine (maybe it's a NetworkManager problem idk) -- Docker is just using whatever DNS is configured on your box. I'll reassign this to the networking folks. -- You are receiving this mail because: You are on the CC list for the bug.