I have been plagued by this error in some of my jails for a long time:
$ dig foo.bar ;; reply from unexpected source: 18.104.22.168#53, expected 127.0.0.1#53
telnet itself works fine, it's just that dig and friends give this strange error. What is also strange is that the tcpdump output doesn't reflect the settings in /etc/resolv.conf:
$ cat /etc/resolv.conf search barnet.com.au server 22.214.171.124
And the tcpdump output:
# tcpdump -ni lo0 port 53 11:28:45.204241 IP 126.96.36.199.57276 > 188.8.131.52.53: 15750 A? www.ibm.com. (29) 11:28:45.218305 IP 184.108.40.206.53 > 220.127.116.11.57276: 15750- 0/4/4 (203)
Of course this was a configuration issue. In /etc/resolv.conf, the right statement is nameserver, not server. But the resolver in the jail looked through the /etc/resolv.conf of the host which contains 127.0.0.1.
But the final question is: Where does it get 18.104.22.168 from? It is the IP address of the jail, to which 127.0.0.1 silently gets translated to. But the resolver still expects it to come from the 127.0.0.1 number, and is for that reason throwing the warning.| Share on Facebook | Share on Twitter