DNS configuration

[avrodriguezgrad]

Hi @linouxis9

I am starting to use PacketRusher, and I believe it's incredible. Thank you for this tool!

I have a doubt regarding DNS configuration. Do you know if it's possible to config 5GC dns servers in VRF? I'm using Open5GS, and connectivity through IP works well, but when I try to ping a name (google.es e.g.), it is not working.

Thanks in advance,
Álvaro

[linouxis9]

Hi @avrodriguezgrad,

Thank you for the kind words! Thank you for the great work on the Gradiant project as well!
I think you are hitting an issue similar to this one https://people.kernel.org/dsahern/management-vrf-and-dns

Does it work if you set as nameserver 1.1.1.1 in /etc/resolv.conf?

Thanks and cheers,
Valentin

[avrodriguezgrad]

Yes, it works! The problem is what the article says about isolation of vrf. resolv.conf was configured with 127.0.0.53, so vrf interface does not reach DNS servers. If I set a different nameserver, it works.

Now, I have to figure out how to config this automatically, but I assume that this will not be a problem when implementing eBPF.

Thanks,
Álvaro

[linouxis9]

The big issue, is that in Linux, you cannot set a nameserver per VRF.
So you'll have an issue either with your UE if you choose a nameserver reachable only by your host (systemd-resolved 127.0.0.53), or with your host if you choose a nameserver reachable only by your UE / through the GTP-U tunnel.

This won't be an issue if you run PacketRusher inside a container however, as the /etc/resolv.conf will affect only the container's domain resolution.

Cheers,
Valentin