1

I would like to use a hostname instead of IP address as a destination's host in Bluemix Secure Gateway. I use the docker Secure Gateway Client. I tried to realize it by editing /etc/hosts of the host os in which the docker Secure Gateway Client is installed and by running the SG Client with --net=“host” or --add-host=hosname:IP address. Secure Gateway Service seems not to use DNS regarding the following Q&A's Answer, so I tried to use /etc/hosts.

How to resolve SG Client's ENOTFOUND error

But I couldn't succeed, SG Client got ENOTFOUND. Could you teach me how to make Secure Gateway Client to resolve the hostname of the destination's host.

[results of --net=“host“]

  • I confirmed the host os resolved the hostname.

    #ping httpserver1 PING httpserver1 (192.168.56.1) 56(84) bytes of data. 64 bytes from httpserver1 (192.168.56.1): icmp_seq=1 ttl=128 time=7.10 ms 64 bytes from httpserver1 (192.168.56.1): icmp_seq=2 ttl=128 time=6.89 ms

  • I ran SGClient with --net=“host“

    # docker run -it ibmcom/secure-gateway-client XXXXXXXXXX --net=“host“
    IBM Bluemix Secure Gateway Client Version 1.2.1

    [2015-07-08 15:47:01.097] [INFO] The Secure Gateway tunnel is connected

  • SG Client got ENOTFOUND error

    #[2015-07-08 15:47:01.097] [INFO] The Secure Gateway tunnel is connected
    [2015-07-08 15:57:08.588] [INFO] Connection #3 is being established to httpserver1:3000
    [2015-07-08 15:57:16.602] [ERROR] Connection #3 to destination httpserver1:3000 had error: ENOTFOUND
    [2015-07-08 15:57:16.603] [INFO] Connection #3 to httpserver1:3000 was closed

*SG seems to support --net=“host“ regarding the SG docs, but it seems not work well. https://www.ng.bluemix.net/docs/troubleshoot/SecureGateway/ts_index.html#ts_sg

[results of --add-host=httpserver1:192.168.56.1]

  • I ran SGClient with --add-host=httpserver1:192.168.56.1

    #docker run -it ibmcom/secure-gateway-client XXXXXXXXXX --add-host="httpserver1:192 .168.56.1" IBM Bluemix Secure Gateway Client Version 1.2.1 [2015-07-08 16:09:20.028] [INFO] The Secure Gateway tunnel is connected

  • SG Client got ENOTFOUND error

    [2015-07-08 16:09:37.214] [INFO] Connection #5 is being established to httpserver1:3000 [2015-07-08 16:09:45.231] [ERROR] Connection #5 to destination httpserver1:3000 had error: ENOTFOUND [2015-07-08 16:09:45.232] [INFO] Connection #5 to httpserver1:3000 was closed

Community
  • 1
  • 1
shimac-jp
  • 233
  • 3
  • 11

1 Answers1

0

I think the only way to get this to work locally is if you get your internal IT group to add the name of that host to the DNS. Remember updates to the /etc/hosts file are local in scope, no other machines will use that information to resolve your hostname to that IP. I this case you are asking the Secure Gateway server in Bluemix to find something that you have defined locally in your own class C/D subnet, it cannot do that without a DNS change.

Another alternative would be to try and use the docker '--dns ' parameter, providing the ip address of the DNS that is reachable.

doktoroblivion
  • 428
  • 3
  • 14