On Wed, Sep 18, 2024 at 10:58:44AM +1000, David Gibson wrote: > On Tue, Sep 17, 2024 at 03:22:04PM +0000, Castelli, Anton wrote: > > David, > > > > Thank you very much for the quick reply! > > > > I tried querying the DNS with TCP and it worked correctly, using the > > VRRP address in the reply packet. Unfortunately, UDP is the default > > for DNS queries. > > Right. > > > Thanks for the advice about the options and the workaround. I had > > just copied them from the Podman docs and modified them slightly. I > > tried the '--publish 10.1.1.1:53:53/udp --publish > > 10.1.1.2:53:53/udp' options, and it worked great on the primary > > server that had the active VRRP address. I was able to query both > > the regular and VRRP addresses and get a response. Unfortunately, > > when I tried the same on the secondary server that doesn't have the > > VRRP address, it refused to bind to the non-existent '10.1.1.2' > > address. > > Ah, right, of course. I was just thinking about the primary, and > didn't consider how the secondaries would also need to listen on that > address at some future time. > > > I tried with both the publish options and got an error (10.1.1.3 is > > the regular IP of the secondary server). > > > > --publish 10.1.1.3:53:53/udp --publish 10.1.1.2:53:53/udp > > > > Error: unable to start container "XXXX": pasta failed with exit code 1: > > Altering mapping of already mapped port number: 10.1.1.2/53-53:53-53 > > This looks like a different bug - although one that I think will be > fixed by some work that's pretty close to the top of my queue. It's > not all that relevant for your case right now, because.. I just had a closer look at the code which produces this error. The error is not really correct here - it is a bug. However, it's issued as only a warning and I think this shouldn't actually break anything for your situation (assuming we can work around the other issues). -- David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson