Skip to content

29.1.0 breaks the embedded DNS resolver #51614

New issue
New issue
Closed
#51615
Closed
29.1.0 breaks the embedded DNS resolver#51614
#51615
Labels
area/networkingNetworkingarea/networking/dnsNetworkingkind/bugBugs are bugs. The cause may or may not be known at triage time so debugging may be needed.status/confirmedversion/29.1
@afonsofrancof

Description

@afonsofrancof
afonsofrancof
opened on Nov 28, 2025

Description

Updating from 29.0.4 to 29.1.0 breaks all DNS connectivity between containers and the embedded DNS resolver.

127.0.0.11#53 rejects connectivity on port 53.

Every process outputs this (management being my container name in this example)

tcp: lookup management on 127.0.0.11:53: server misbehaving

When trying to nslookup from inside a container I get this

nslookup management 127.0.0.11
Server:		127.0.0.11
Address:	127.0.0.11:53

** server can't find management: SERVFAIL

** server can't find management: SERVFAIL

Reproduce

  1. Upgrade to 29.0.1
  2. That's it.

Expected behavior

DNS should work

docker version

Client: Docker Engine - Community
 Version:           29.1.0
 API version:       1.52
 Go version:        go1.25.4
 Git commit:        360952c
 Built:             Thu Nov 27 16:42:45 2025
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          29.1.0
  API version:      1.52 (minimum version 1.44)
  Go version:       go1.25.4
  Git commit:       710302e
  Built:            Thu Nov 27 16:42:45 2025
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          v2.1.5
  GitCommit:        fcd43222d6b07379a4be9786bda52438f0dd16a1
 runc:
  Version:          1.3.3
  GitCommit:        v1.3.3-0-gd842d771
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

docker info

Client: Docker Engine - Community
 Version:    29.1.0
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.30.1
    Path:     /usr/libexec/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.40.3
    Path:     /usr/libexec/docker/cli-plugins/docker-compose

Server:
 Containers: 48
  Running: 45
  Paused: 0
  Stopped: 3
 Images: 57
 Server Version: 29.1.0
 Storage Driver: btrfs
  Btrfs:
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 CDI spec directories:
  /etc/cdi
  /var/run/cdi
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: fcd43222d6b07379a4be9786bda52438f0dd16a1
 runc version: v1.3.3-0-gd842d771
 init version: de40ad0
 Security Options:
  seccomp
   Profile: builtin
  cgroupns
 Kernel Version: 6.12.57+deb13-amd64
 Operating System: Debian GNU/Linux 13 (trixie)
 OSType: linux
 Architecture: x86_64
 CPUs: 16
 Total Memory: 28.3GiB
 Name: togepi
 ID: 41fd9997-a498-44ae-90ee-35b16015c244
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Experimental: false
 Insecure Registries:
  ::1/128
  127.0.0.0/8
 Live Restore Enabled: false
 Firewall Backend: iptables

Additional Info

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/networkingNetworkingarea/networking/dnsNetworkingkind/bugBugs are bugs. The cause may or may not be known at triage time so debugging may be needed.status/confirmedversion/29.1

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions