What version of WinBoat are you running?
v0.9.0
Your Environment
- Distro & DE: Archlinux and KDE
- Network mode: NAT
Steps to Reproduce / Context
When the WinBoat container is running with default DHCP DNS settings, Windows can resolve host.lan (for the Samba home folder share) but internet connectivity randomly fails. Setting Windows DNS manually to 8.8.8.8 restores internet but breaks host.lan resolution, making the home folder share inaccessible.
Root Cause
The issue is in how dnsmasq forwards DNS queries inside the container.
In NAT mode, configureDNS() in /run/network.sh does not create /etc/resolv.dnsmasq. dnsmasq falls back to /etc/resolv.conf, which points to Docker's internal DNS (127.0.0.11). On hosts with Tailscale (or other DNS-based VPNs), this chain becomes:
Windows (172.30.0.2) → dnsmasq (172.30.0.1) → Docker DNS (127.0.0.11) → Tailscale DNS (100.100.100.100)
This forwarding chain is unreliable, DNS queries randomly time out, causing both host.lan and internet resolution to fail intermittently.
Steps to Reproduce
- Start WinBoat container on a host with Tailscale (or other DNS-based VPN) active
Temporary Fix (Not Persistent)
Created /etc/resolv.dnsmasq inside the container with external DNS servers:
nameserver 8.8.8.8
nameserver 1.1.1.1
nameserver 8.8.4.4
Then restarted dnsmasq. Log confirms it now uses external DNS:
Jun 23 18:01:05 dnsmasq[653]: reading /etc/resolv.dnsmasq
Jun 23 18:01:05 dnsmasq[653]: using nameserver 8.8.8.8#53
Jun 23 18:01:05 dnsmasq[653]: using nameserver 1.1.1.1#53
Jun 23 18:01:05 dnsmasq[653]: using nameserver 8.8.4.4#53
This fix is temporary, /etc/resolv.dnsmasq is lost on container restart.
Logs
install.log
winboat.log
container.log
Expected Behavior
Windows should be able to resolve internet domains via dnsmasq forwarding to external DNS
Current Behavior
When the WinBoat container is running with default DHCP DNS settings, Windows can resolve host.lan (for the Samba home folder share) but internet connectivity randomly fails. Setting Windows DNS manually to 8.8.8.8 restores internet but breaks host.lan resolution, making the home folder share inaccessible.
Possible Solution
In network.sh, the configureDNS() function should create /etc/resolv.dnsmasq with external DNS servers (e.g., 8.8.8.8, 1.1.1.1) before starting dnsmasq, even in NAT mode. This ensures dnsmasq doesn't fall back to Docker's internal DNS, which may be unreliable depending on the host's network configuration.
Quality Notice
What version of WinBoat are you running?
v0.9.0
Your Environment
Steps to Reproduce / Context
When the WinBoat container is running with default DHCP DNS settings, Windows can resolve host.lan (for the Samba home folder share) but internet connectivity randomly fails. Setting Windows DNS manually to 8.8.8.8 restores internet but breaks host.lan resolution, making the home folder share inaccessible.
Root Cause
The issue is in how
dnsmasqforwards DNS queries inside the container.In NAT mode, configureDNS() in /run/network.sh does not create
/etc/resolv.dnsmasq.dnsmasqfalls back to/etc/resolv.conf, which points to Docker's internal DNS (127.0.0.11). On hosts with Tailscale (or other DNS-based VPNs), this chain becomes:Windows (172.30.0.2) →
dnsmasq(172.30.0.1) → Docker DNS (127.0.0.11) → Tailscale DNS (100.100.100.100)This forwarding chain is unreliable, DNS queries randomly time out, causing both host.lan and internet resolution to fail intermittently.
Steps to Reproduce
Temporary Fix (Not Persistent)
Created
/etc/resolv.dnsmasqinside the container with external DNS servers:Then restarted
dnsmasq. Log confirms it now uses external DNS:This fix is temporary,
/etc/resolv.dnsmasqis lost on container restart.Logs
install.log
winboat.log
container.log
Expected Behavior
Windows should be able to resolve internet domains via dnsmasq forwarding to external DNS
Current Behavior
When the WinBoat container is running with default DHCP DNS settings, Windows can resolve host.lan (for the Samba home folder share) but internet connectivity randomly fails. Setting Windows DNS manually to 8.8.8.8 restores internet but breaks host.lan resolution, making the home folder share inaccessible.
Possible Solution
In
network.sh, the configureDNS() function should create/etc/resolv.dnsmasqwith external DNS servers (e.g., 8.8.8.8, 1.1.1.1) before startingdnsmasq, even in NAT mode. This ensuresdnsmasqdoesn't fall back to Docker's internal DNS, which may be unreliable depending on the host's network configuration.Quality Notice