Problem with DNS configuration after upgrade to TrueNAS-13.0-U5.1

[-fun-]

I updated my box to 13.0 yesterday and experienced a problem with DNS. When I tried to set up a simple jail I found that pkg did not work. Name resolution did not work at all. Investigating further I found that /etc/resolv.conf had no nameserver for IPv4.

dig on TrueNAS works, however when I forced dig to use IPv4 (dig -4) this did not work. Apparently name resolution was limited to IPv6. Jails without IPv6 configured are thus left without name resolution.

I manually added my name server (equivalent to my default gateway) to /etc/resolv.conf. After this creating the jail worked as expected.

Of course this has worked before the update (TrueNAS 12 something) and of course the name servers are configured in TrueNAS correctly. Obviously the generation of /etc/resolv.conf is faulty.

Is this a know issue? Can I expect the workaround (manually editing resolv.conf) to persist, i.e. has this been a one time occurrence due to the upgrade to 13.0?

 

[winstontj]

Did you ever get this sorted?
I just did the update yesterday to 13.0-U5.1 and when the machine rebooted I'm getting DNS and AD DS errors and stuff I've never seen before.
My task manager shows:

Code:

smb.synchronize_group_mappings 0.00%

Status: FAILED
Start Time: 21 June, 2023 09:59:21
Finished Time: 21 June, 2023 09:59:22
Error: [EFAULT] Failed to get domain info for FQDN: failed to call wbcDomainInfo: WBC_ERR_WINBIND_NOT_AVAILABLE Could not get domain info

and I'm also getting this:

Configuration for trusted domains requires that the idmap backend be configured to handle these domains. There are two possible strategies to achieve this. The first strategy is to use the AUTORID backend for the domain to which TrueNAS is joined. The second strategy is to separately configure idmap ranges for every domain that has a trust relationship with the domain to which TrueNAS is joined and which has accounts that will be used on the TrueNAS server. NOTE: the topic of how to properly map Windows SIDs to Unix IDs is complex and may require consultation with administrators of other Unix servers in the Active Directory domain to properly coordinate a comprehensive ID mapping strategy.

Not really sure what to do to fix it or maybe should I roll back to whatever I was on previously? (I think just 13.0)

 

[-fun-]

Good news: Yes.

In my case the network interface was set to autoconfigure IPv6. This means it will look for router advertisements and configure itself a valid IPv6 address. This also configures an IPv6 name server. All of this is fine, however because TrueNAS finds an advertised name server it simply ignores the IPv4 nameservers explicitly and statically configured in TrueNAS.

This worked for TrueNAS in my case, because the IPv6 name resolution is operating just fine. This may not be the case in your setup.

The problem in my case was that all my jails inherit the name resolution settings even if they do not even have IPv6 configured. No IPv6 stack but only an IPv6 nameserver doesn't work of course.

I simply switched off IPv6 autoconfiguration n TrueNAS. (In theory IPv6 should coexist seemlessly with IPv4, but in my experience this is often not as simple as it seems.)

If you don't need IPv6 I recommend to try and just switch it off.