Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DNS resolution issues when using vault #1159

Closed
rhoml opened this issue Mar 2, 2016 · 3 comments
Closed

DNS resolution issues when using vault #1159

rhoml opened this issue Mar 2, 2016 · 3 comments

Comments

@rhoml
Copy link

rhoml commented Mar 2, 2016

I found this weird issue when using the vault command line.

$ curl https://<REMOTE_DNS>:8200/v1/sys/seal-status
{"sealed":false,"t":3,"n":5,"progress":0}

$ vault status
Error checking seal status: Get https://<REMOTE_DNS>:8200/v1/sys/seal-status: dial tcp: lookup <REMOTE_DNS> on 10.1.1.1:53: no such host

traceroute

traceroute <REMOTE_DNS>
traceroute to <REMOTE_DNS> (10.13.24.67), 64 hops max, 52 byte packets
 1  172.16.1.1 (172.16.1.1)  201.717 ms  200.264 ms  200.388 ms
 2  10.60.21.193 (10.60.21.193)  202.082 ms  204.834 ms  201.545 ms
 3  * * *
 4  * * *
 5  * * *
 6  * * *
 7  10.0.31.197 (10.0.31.197)  201.808 ms
    10.0.31.191 (10.0.31.191)  202.405 ms
    10.0.31.197 (10.0.31.197)  203.313 ms
 8  10.0.31.49 (10.0.31.49)  201.406 ms  206.444 ms  203.849 ms
 9  10.13.24.67 (10.13.24.67)  201.497 ms  204.067 ms  201.465 ms

the only way to make it work is modifying my /etc/hosts file and enforcing the ip address there don't know if anyone else has found this issue.
@jefferai
Copy link
Member

jefferai commented Mar 2, 2016

Hi @rhoml,

Our builds are static and thus use Go's internal DNS resolver. This may have different behavior than your libc's resolver depending on the OS, especially when there isn't a local DNS resolver running (e.g. dnsmasq.

You can either use the HTTP API, or you can build Vault yourself dynamically (e.g. without using CGO_ENABLED=0 in order to have it use your system's resolver libraries.

@rhoml
Copy link
Author

rhoml commented Mar 2, 2016

Thought that it was somehow related to go resolver. Let me try to disable the CGO_ENABLED variable and see how it works. Thanks @jefferai

@rhoml rhoml closed this as completed Mar 2, 2016
@ProbablyRusty ProbablyRusty mentioned this issue Nov 25, 2016
Closed
4 tasks
dunn pushed a commit to Homebrew/homebrew-core that referenced this issue Dec 10, 2016
@ProbablyRusty @dunn
vauls: add dynamic option
3a9a2ab 
- Add option “with-dynamic” to vault, in order to optionally build with CGO_ENABLED
- This is a common use case for VPN users on Mac OS X
- See: hashicorp/vault#1159, hashicorp/vault#712

Closes #7238.

Signed-off-by: Alex Dunn <dunn.alex@gmail.com>
@flyinprogrammer
Copy link

Here's another case where golang/go#12524 is an issue.

@scottillogical scottillogical mentioned this issue Apr 22, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jefferai @rhoml @flyinprogrammer