docker-Jackettvpn
docker-Jackettvpn copied to clipboard
Published
20 hours ago •
DyonR
DyonR
DNS not working in the container
I have just pulled this image onto my Synology DS918+. It started fine but DNS does not work.
in console of the container:
# cat /etc/resolv.conf
nameserver 10.27.0.1
domain ngs
nameserver 1.1.1.1
nameserver 8.8.8.8
nameserver 1.0.0.1
nameserver 8.8.4.4
# ping yahoo.com
ping: yahoo.com: Temporary failure in name resolution
# ping -n 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=58 time=340 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=58 time=297 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=58 time=299 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=58 time=300 ms
Docker version:
$ docker -v
Docker version 18.09.8, build bfed4f5
container config:
$ sudo docker container inspect dyonr-jackettvpn1
[
{
"Id": "b11700c80ccf31f9e7116b283787bf166fc5389354ddf416a1e8b346b1c632bc",
"Created": "2020-06-04T17:39:29.947900219Z",
"Path": "/bin/bash",
"Args": [
"/etc/openvpn/start.sh"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 2355,
"ExitCode": 0,
"Error": "",
"StartedAt": "2020-06-04T22:04:10.72804413Z",
"FinishedAt": "2020-06-04T22:02:13.913532876Z",
"Health": {
"Status": "unhealthy",
"FailingStreak": 5,
"Log": [
{
"Start": "2020-06-04T23:09:10.729436095+01:00",
"End": "2020-06-04T23:09:10.951674992+01:00",
"ExitCode": 1,
"Output": "Host not set! Set env 'HEALTH_CHECK_HOST'. For now, using default one.one.one.one\nNetwork is down\nping: one.one.one.one: Temporary failure in name resolution\n"
},
{
"Start": "2020-06-04T23:14:11.209003961+01:00",
"End": "2020-06-04T23:14:11.499489921+01:00",
"ExitCode": 1,
"Output": "Host not set! Set env 'HEALTH_CHECK_HOST'. For now, using default one.one.one.one\nping: one.one.one.one: Temporary failure in name resolution\nNetwork is down\n"
},
{
"Start": "2020-06-04T23:19:12.39600456+01:00",
"End": "2020-06-04T23:19:12.743452191+01:00",
"ExitCode": 1,
"Output": "Host not set! Set env 'HEALTH_CHECK_HOST'. For now, using default one.one.one.one\nping: one.one.one.one: Temporary failure in name resolution\nNetwork is down\n"
},
{
"Start": "2020-06-04T23:24:13.44266883+01:00",
"End": "2020-06-04T23:24:13.659415975+01:00",
"ExitCode": 1,
"Output": "Host not set! Set env 'HEALTH_CHECK_HOST'. For now, using default one.one.one.one\nping: one.one.one.one: Temporary failure in name resolution\nNetwork is down\n"
},
{
"Start": "2020-06-04T23:29:13.899225108+01:00",
"End": "2020-06-04T23:29:14.106987756+01:00",
"ExitCode": 1,
"Output": "Host not set! Set env 'HEALTH_CHECK_HOST'. For now, using default one.one.one.one\nping: one.one.one.one: Temporary failure in name resolution\nNetwork is down\n"
}
]
},
"StartedTs": 1591308250,
"FinishedTs": 1591308133
},
"Image": "sha256:b1ceafaaa3cbbe88abd4990f8713b8c331f73aa2e236dd2fb86bae0af2c7f116",
"ResolvConfPath": "/volume2/@docker/containers/b11700c80ccf31f9e7116b283787bf166fc5389354ddf416a1e8b346b1c632bc/resolv.conf",
"HostnamePath": "/volume2/@docker/containers/b11700c80ccf31f9e7116b283787bf166fc5389354ddf416a1e8b346b1c632bc/hostname",
"HostsPath": "/volume2/@docker/containers/b11700c80ccf31f9e7116b283787bf166fc5389354ddf416a1e8b346b1c632bc/hosts",
"LogPath": "/volume2/@docker/containers/b11700c80ccf31f9e7116b283787bf166fc5389354ddf416a1e8b346b1c632bc/log.db",
"Name": "/dyonr-jackettvpn1",
"RestartCount": 0,
"Driver": "btrfs",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "unconfined",
"ExecIDs": [
"23133b5c7a01c48b4eecdbd433db47ec38490a61588c2316b9897e544e06e72f"
],
"HostConfig": {
"Binds": [
"/volume2/Media/torrents/watch:/blackhole:rw",
"/volume2/Media/Docker Configs/jackettvpn/config:/config:rw"
],
"ContainerIDFile": "",
"LogConfig": {
"Type": "db",
"Config": {}
},
"NetworkMode": "bridge",
"PortBindings": {
"9117/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "9117"
}
]
},
"RestartPolicy": {
"Name": "always",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Dns": null,
"DnsOptions": null,
"DnsSearch": null,
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "shareable",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": true,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"Env": [
"WEBUI_PORT=9117",
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"DEBIAN_FRONTEND=noninteractive",
"XDG_DATA_HOME=/config",
"XDG_CONFIG_HOME=/config",
"VPN_ENABLED=yes",
"LAN_NETWORK=10.27.0.0/24",
"TZ=Europe/London",
"PGID=100",
"PUID=1038"
],
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 50,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": null,
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": null,
"DeviceCgroupRules": null,
"DiskQuota": 0,
"KernelMemory": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": 0,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": null,
"Name": "btrfs"
},
"Mounts": [
{
"Type": "bind",
"Source": "/volume2/Media/torrents/watch",
"Destination": "/blackhole",
"Mode": "rw",
"RW": true,
"Propagation": "rprivate"
},
{
"Type": "bind",
"Source": "/volume2/Media/Docker Configs/jackettvpn/config",
"Destination": "/config",
"Mode": "rw",
"RW": true,
"Propagation": "rprivate"
}
],
"Config": {
"Hostname": "dyonr-jackettvpn1",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"9117/tcp": {}
},
"Tty": true,
"OpenStdin": true,
"StdinOnce": false,
"Env": [
"WEBUI_PORT=9117",
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"DEBIAN_FRONTEND=noninteractive",
"XDG_DATA_HOME=/config",
"XDG_CONFIG_HOME=/config",
"VPN_ENABLED=yes",
"LAN_NETWORK=10.27.0.0/24",
"TZ=Europe/London",
"PGID=100",
"PUID=1038"
],
"Cmd": [
"/bin/bash",
"/etc/openvpn/start.sh"
],
"Healthcheck": {
"Test": [
"CMD-SHELL",
"/etc/jackett/healthcheck.sh"
],
"Interval": 300000000000
},
"Image": "dyonr/jackettvpn:latest",
"Volumes": {
"/blackhole": {},
"/config": {}
},
"WorkingDir": "/opt",
"Entrypoint": null,
"OnBuild": null,
"Labels": {},
"DDSM": false
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "baab0fad0379a8d3730bb467f13f0d2b48bff5636bca7635c71e5df748cc5716",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"9117/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "9117"
}
]
},
"SandboxKey": "/var/run/docker/netns/baab0fad0379",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "fdbb68cf9ba963fde68880bbdffe8e0b43c5433e5c8b92dabb4ca68474f27310",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:03",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "8cb67d92dd634e17db3b2c3e2f2965dc2dd6ad62eb74a672c5414462d75df97c",
"EndpointID": "fdbb68cf9ba963fde68880bbdffe8e0b43c5433e5c8b92dabb4ca68474f27310",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:03",
"DriverOpts": null
}
}
}
}
]
log:
dyonr-jackettvpn1
date,stream,content
2020-06-04 22:04:20,stdout,2020-06-04 23:04:20.669821 [info] Started Jackett daemon successfully...
2020-06-04 22:04:20,stdout,2020-06-04 23:04:20.628109 [info] Jackett PID: 216
2020-06-04 22:04:19,stdout,Logging to /config/Jackett/Logs/log.txt.
2020-06-04 22:04:19,stdout,2020-06-04 23:04:19.551432 [info] Starting Jackett daemon...
2020-06-04 22:04:19,stdout,"2020-06-04 23:04:19.489133 [warn] UMASK not defined (via -e UMASK), defaulting to '002'
"
2020-06-04 22:04:19,stdout,useradd: user 'jackett' already exists
2020-06-04 22:04:19,stdout,"An user with PUID 1038 does not exist, adding an user called 'jackett user' with PUID 1038
"
2020-06-04 22:04:19,stdout,groupadd: GID '100' already exists
2020-06-04 22:04:19,stdout,"A group with PGID 100 does not exist, adding a group called 'jackett' with PGID 100
"
2020-06-04 22:04:19,stdout,--------------------
2020-06-04 22:04:19,stdout,-A OUTPUT -o lo -j ACCEPT
2020-06-04 22:04:19,stdout,-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
2020-06-04 22:04:19,stdout,-A OUTPUT -o eth0 -p tcp -m tcp --sport 9117 -j ACCEPT
2020-06-04 22:04:19,stdout,-A OUTPUT -o eth0 -p tcp -m tcp --dport 9117 -j ACCEPT
2020-06-04 22:04:19,stdout,-A OUTPUT -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
2020-06-04 22:04:19,stdout,-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
2020-06-04 22:04:19,stdout,-A OUTPUT -o tun0 -j ACCEPT
2020-06-04 22:04:19,stdout,-A INPUT -i lo -j ACCEPT
2020-06-04 22:04:19,stdout,-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
2020-06-04 22:04:19,stdout,-A INPUT -i eth0 -p tcp -m tcp --sport 9117 -j ACCEPT
2020-06-04 22:04:19,stdout,-A INPUT -i eth0 -p tcp -m tcp --dport 9117 -j ACCEPT
2020-06-04 22:04:19,stdout,-A INPUT -i eth0 -p udp -m udp --sport 1194 -j ACCEPT
2020-06-04 22:04:19,stdout,-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
2020-06-04 22:04:19,stdout,-A INPUT -i tun0 -j ACCEPT
2020-06-04 22:04:19,stdout,-P OUTPUT DROP
2020-06-04 22:04:19,stdout,-P FORWARD ACCEPT
2020-06-04 22:04:19,stdout,-P INPUT DROP
2020-06-04 22:04:19,stdout,--------------------
2020-06-04 22:04:19,stdout,2020-06-04 23:04:19.400166 [info] iptables defined as follows...
2020-06-04 22:04:19,stdout,2020-06-04 23:04:19.294773 [info] Docker network defined as 172.17.0.0/16
2020-06-04 22:04:19,stdout,"2020-06-04 23:04:19.196178 [info] iptable_mangle support detected, adding fwmark for tables
"
2020-06-04 22:04:19,stdout,"x_tables 16302 19 ip6table_filter,xt_ipvs,xt_iprange,xt_mark,xt_recent,ip_tables,xt_tcpudp,ipt_MASQUERADE,xt_limit,xt_state,xt_conntrack,xt_LOG,xt_nat,xt_multiport,iptable_filter,xt_REDIRECT,iptable_mangle,ip6_tables,xt_addrtype
"
2020-06-04 22:04:19,stdout,"ip_tables 14092 3 iptable_filter,iptable_mangle,iptable_nat
"
2020-06-04 22:04:19,stdout,iptable_mangle 1656 0
2020-06-04 22:04:19,stdout,--------------------
2020-06-04 22:04:19,stdout,172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.3
2020-06-04 22:04:19,stdout,128.0.0.0/1 via 10.8.0.5 dev tun2001
2020-06-04 22:04:19,stdout,42.3.114.43 via 172.17.0.1 dev eth0
2020-06-04 22:04:19,stdout,10.27.0.0/24 via 172.17.0.1 dev eth0
2020-06-04 22:04:19,stdout,10.8.0.5 dev tun2001 proto kernel scope link src 10.8.0.6
2020-06-04 22:04:19,stdout,10.8.0.0/24 via 10.8.0.5 dev tun2001
2020-06-04 22:04:19,stdout,default via 172.17.0.1 dev eth0
2020-06-04 22:04:19,stdout,0.0.0.0/1 via 10.8.0.5 dev tun2001
2020-06-04 22:04:19,stdout,--------------------
2020-06-04 22:04:19,stdout,2020-06-04 23:04:19.125603 [info] ip route defined as follows...
2020-06-04 22:04:19,stdout,2020-06-04 23:04:19.058319 [info] Adding 10.27.0.0/24 as route via docker eth0
2020-06-04 22:04:18,stdout,2020-06-04 23:04:18.986580 [info] WebUI port defined as 9117
2020-06-04 22:04:18,stdout,Thu Jun 4 23:04:18 2020 Initialization Sequence Completed
2020-06-04 22:04:18,stdout,Thu Jun 4 23:04:18 2020 /sbin/ip addr add dev tun2001 local 10.8.0.6 peer 10.8.0.5
2020-06-04 22:04:18,stdout,Thu Jun 4 23:04:18 2020 /sbin/ip link set dev tun2001 up mtu 1500
2020-06-04 22:04:18,stdout,"Thu Jun 4 23:04:18 2020 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
"
2020-06-04 22:04:18,stdout,Thu Jun 4 23:04:18 2020 TUN/TAP device tun2001 opened
2020-06-04 22:04:13,stdout,Thu Jun 4 23:04:13 2020 [TS Series NAS] Peer Connection Initiated with [AF_INET]42.3.114.43:1194
2020-06-04 22:04:12,stdout,Thu Jun 4 23:04:12 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2020-06-04 22:04:11,stdout,Thu Jun 4 23:04:11 2020 UDP link remote: [AF_INET]42.3.114.43:1194
2020-06-04 22:04:11,stdout,Thu Jun 4 23:04:11 2020 UDP link local: (not bound)
2020-06-04 22:04:11,stdout,Thu Jun 4 23:04:11 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]42.3.114.43:1194
2020-06-04 22:04:11,stdout,Thu Jun 4 23:04:11 2020 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2020-06-04 22:04:11,stdout,"Thu Jun 4 23:04:11 2020 library versions: OpenSSL 1.1.1 11 Sep 2018, LZO 2.08
"
2020-06-04 22:04:11,stdout,Thu Jun 4 23:04:11 2020 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2019
2020-06-04 22:04:11,stdout,Thu Jun 4 23:04:11 2020 WARNING: file 'credentials.conf' is group or others accessible
2020-06-04 22:04:11,stdout,2020-06-04 23:04:11.876133 [info] Starting OpenVPN...
2020-06-04 22:04:11,stdout,2020-06-04 23:04:11.818770 [info] Adding 8.8.4.4 to resolv.conf
2020-06-04 22:04:11,stdout,2020-06-04 23:04:11.758125 [info] Adding 1.0.0.1 to resolv.conf
2020-06-04 22:04:11,stdout,2020-06-04 23:04:11.696883 [info] Adding 8.8.8.8 to resolv.conf
2020-06-04 22:04:11,stdout,2020-06-04 23:04:11.632232 [info] Adding 1.1.1.1 to resolv.conf
2020-06-04 22:04:11,stdout,2020-06-04 23:04:11.567727 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2020-06-04 22:04:11,stdout,"2020-06-04 23:04:11.500065 [warn] NAME_SERVERS not defined (via -e NAME_SERVERS), defaulting to CloudFlare and Google name servers
"
2020-06-04 22:04:11,stdout,2020-06-04 23:04:11.438267 [info] LAN_NETWORK defined as '10.27.0.0/24'
2020-06-04 22:04:11,stdout,2020-06-04 23:04:11.377521 [info] VPN_DEVICE_TYPE defined as 'tun0'
2020-06-04 22:04:11,stdout,2020-06-04 23:04:11.314544 [info] VPN_PROTOCOL defined as 'udp'
2020-06-04 22:04:11,stdout,2020-06-04 23:04:11.247553 [info] VPN_PORT defined as '1194'
2020-06-04 22:04:11,stdout,2020-06-04 23:04:11.185873 [info] VPN_REMOTE defined as 'alanlee.no-ip.com'
2020-06-04 22:04:11,stdout,2020-06-04 23:04:11.118542 [info] VPN remote line defined as 'alanlee.no-ip.com 1194'
2020-06-04 22:04:11,stdout,dos2unix: converting file /config/openvpn/alanlee.no-ip.com.ovpn to Unix format...
2020-06-04 22:04:11,stdout,2020-06-04 23:04:11.043440 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/alanlee.no-ip.com.ovpn
2020-06-04 22:04:10,stdout,2020-06-04 23:04:10.973548 [info] VPN_ENABLED defined as 'yes'
I've looked at your config, but I don't see anything that stands out to me as a configuration error.
Could you maybe run the following commands to see what actual DNS server gets used for name resolution:
apt update && apt -y install dnsutils to install dnsutils, which includes nslookup
nslookup yahoo.com to see which server it tries to resolve with
nslookup yahoo.com 1.1.1.1 to force using CloudFlare's DNS (can also change to 8.8.8.8 if you prefer Google)
Thanks for your prompt reply. When VPN_ENABLED was set to no.
# nslookup yahoo.com
Server: 10.27.0.1
Address: 10.27.0.1#53
Non-authoritative answer:
Name: yahoo.com
Address: 98.138.219.232
Name: yahoo.com
Address: 72.30.35.10
Name: yahoo.com
Address: 98.138.219.231
Name: yahoo.com
Address: 98.137.246.7
Name: yahoo.com
Address: 72.30.35.9
Name: yahoo.com
Address: 98.137.246.8
Name: yahoo.com
Address: 2001:4998:58:1836::11
Name: yahoo.com
Address: 2001:4998:44:41d::3
Name: yahoo.com
Address: 2001:4998:44:41d::4
Name: yahoo.com
Address: 2001:4998:c:1023::4
Name: yahoo.com
Address: 2001:4998:58:1836::10
Name: yahoo.com
Address: 2001:4998:c:1023::5
when VPN_ENABLED was set to yes.
# nslookup yahoo.com
;; connection timed out; no servers could be reached
# nslookup yahoo.com 1.1.1.1
;; connection timed out; no servers could be reached
# nslookup yahoo.com 8.8.8.8
;; connection timed out; no servers could be reached
That's really weird.
I'd almost say that it may be something with your VPN provider/server that causes the issue.
If you use the OpenVPN Connect Client on, for example a Windows device, and use the same config file, does that work fine?
Albeit the VPN server is a bit old, both my phones and desktop work with the same config file and cert. Thought I need to force AES-CBC on my iPhone in order to work.
Looking at your config again, the only difference that stands out to me is that your HostConfig has Dns, DnsOptions and DnsSearch set to null, while mine are set to []. I don't exactly know if this matters, I also tried to setting mine to null, but mine keeps automatically reverting back to [].
I also use Docker version 19.03.5, build 633a0ea838.
I wish I could help you more, but I honestly don't see what can cause this issue :(
The config looked good to me too. @0xd34b33f @janusn Have you tried a local dns server which your router/vpn server might be or the vpn provider provides ?
@0xd34b33f I have tried "docker run --dns 8.8.8.8". It didn't solve the problem. :(
@Technikte Using docker run -e "NAME_SERVERS=
# cat /etc/resolv.conf
nameserver 10.27.0.1
domain ngs
nameserver 203.198.7.66
nameserver 218.102.23.230
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 208.67.222.222
nameserver 208.67.220.220
# ping google.com
ping: google.com: Temporary failure in name resolution
I have tried another image dperson/openvpn-client. The DNS works fine with that container. The reason I prefer this image is, that solution cannot be managed in the WebUI of Synology.
I am having exactly the same problem as the OP. I use this docker image in unRAID and I have no DNS functionality when openvpn is enabled and running. My VPN provider is ExpressVPN. I know that DNS works through them properly because I have another docker (binhex-qBittorrent) that also uses the same VPN connection absolutely fine. Also, I have one unRAID server that, when online, uses this VPN connection without any issues for the entire server. if I set VPN to no in the docker config, DNS works just fine.
Had the same issue on my DSM and found resolution on a Stackoverflow answer:
Had exactly the same issue on my new Synology, While searching for a solution i came around this question. Fortunately i could resolve the issue on my system, it was a just a checkmark where i accidentaily enabled multiple Gateways. This setting is in Control Panel>Network>Advanced Setting
just uncheck this solved it on my system
