Hello, I have a problem with DNS responses from VyOS when a request is sent from the VRF interface. The DNS response is sent through the default VRF, which has no return route, so the traffic is routed through the default gateway. Am I wrong, or should VyOS (10.1.12.2) respond with its own eth9 interface that has a VRF set up?

show interfaces ethernet eth9
address 10.1.12.2/24
description kube1
vrf kube1

show ip route vrf kube1
VRF kube1:
S>* 0.0.0.0/0 [1/0] via 10.0.255.65, eth1 (vrf default), weight 1, 09:05:46
C>* 10.1.12.0/24 is directly connected, eth9, 09:06:02
B>* 10.255.128.0/25 [20/0] via 10.1.12.21, eth9, weight 1, 09:04:25

tcpdump for ping:
22:44:45.952019 eth9 In IP 10.255.128.34 > 10.1.12.2: ICMP echo request, id 42967, seq 1, length 64
22:44:45.952229 eth9 Out IP 10.1.12.2 > 10.255.128.34: ICMP echo reply, id 42967, seq 1, length 64

tcpdump for dns:
22:32:19.404605 eth9 In IP 10.255.128.34.57176 > 10.1.12.2.domain: 46654+ [1au] A? seznam.cz. (50)
22:32:19.418454 eth1 Out IP 10.1.12.2.domain > 10.255.128.34.57176: 46654 2/0/1 A 77.75.79.222, A 77.75.77.222 (70)

Version: VyOS 1.4-rolling-202301151434
Release train: current
Built by: [email protected]
Built on: Sun 15 Jan 2023 14:34 UTC
Build UUID: 0b5a5058-ba0b-4a31-a6ce-81eb91b1107b
Build commit ID: a7ab213d74e4f1
Architecture: x86_64
Boot via: installed image
System type: KVM guest
Hardware vendor: QEMU
Hardware model: Standard PC (i440FX + PIIX, 1996)
Hardware S/N:
Hardware UUID: da0b6b02-edbc-4723-a919-c697be508f80
Copyright: VyOS maintainers and contributors
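
The asymmetry visible in the two captures above (request in on eth9, DNS reply out on eth1) can be checked for mechanically. The following is an added example, not part of the original post: it assumes text output in the `tcpdump -i any` format shown above, and the function name `asymmetric_replies` is hypothetical.

```python
import re

# Sample input: the four capture lines quoted in the post, embedded so the check runs offline.
SAMPLE = """\
22:44:45.952019 eth9 In IP 10.255.128.34 > 10.1.12.2: ICMP echo request, id 42967, seq 1, length 64
22:44:45.952229 eth9 Out IP 10.1.12.2 > 10.255.128.34: ICMP echo reply, id 42967, seq 1, length 64
22:32:19.404605 eth9 In IP 10.255.128.34.57176 > 10.1.12.2.domain: 46654+ [1au] A? seznam.cz. (50)
22:32:19.418454 eth1 Out IP 10.1.12.2.domain > 10.255.128.34.57176: 46654 2/0/1 A 77.75.79.222, A 77.75.77.222 (70)
"""

# timestamp, interface, direction, source endpoint, destination endpoint
LINE = re.compile(r"^(\S+) (\S+)\s+(In|Out)\s+IP (\S+) > (\S+): ")


def asymmetric_replies(capture):
    """Return (time, src, dst, in_iface, out_iface) for each outbound packet
    whose reverse flow arrived on a different interface."""
    seen_in = {}   # (src, dst) of an inbound packet -> interface it arrived on
    findings = []
    for line in capture.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip anything that is not an IPv4 packet line
        ts, iface, direction, src, dst = m.groups()
        if direction == "In":
            seen_in[(src, dst)] = iface
        else:
            # An outbound packet answers the inbound flow with swapped endpoints.
            arrived = seen_in.get((dst, src))
            if arrived is not None and arrived != iface:
                findings.append((ts, src, dst, arrived, iface))
    return findings


if __name__ == "__main__":
    for ts, src, dst, arrived, left in asymmetric_replies(SAMPLE):
        print(f"{ts} reply {src} > {dst}: request came in on {arrived}, reply left on {left}")
```

On the sample, only the DNS reply is reported; the ICMP echo reply leaves on the same interface the request arrived on.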