Query related to introducing traffic redirection rules with iptables
I am trying to forward localhost DNS requests in an Alpine container deployed in an ECS task that are originally intended for port 53 to port 8700, where I have a custom DNS resolver running on my box.

I have made sure to add 127.0.0.1 as the first nameserver in /etc/resolv.conf. To support traffic redirection I added the following commands to modify the iptables NAT rules:

Code:
/# iptables -t nat -N DNS_REDIRECT

This is the output of the rules present in the NAT table:

Code:
/ # iptables -t nat -L -v

The DNS server on 8700 is running fine and serving responses properly. I was able to verify this with dig -p 8700 foo.com. On executing dig foo.com, I get the following error:

;; communications error to 127.0.0.1#53: timed out
;; communications error to 127.0.0.1#53: timed out
;; communications error to 127.0.0.1#53: timed out
;; communications error to 127.0.0.1#53: timed out
;; communications error to 127.0.0.1#53: timed out

From application logs, I can see that the DNS server has responded back with the correct response, but the iptables rules are somehow mangling the UDP packets. Can someone help me debug this further?
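The usual cause of this symptom is that the jump to the custom chain sits in nat PREROUTING, which locally generated packets never traverse; they go through nat OUTPUT instead. The script below is an added example (not from the post above) that installs the redirect in the right chain and lists the checks to run when dig still times out; the chain name DNS_REDIRECT and port 8700 come from the post, DRY_RUN is an assumed switch that prints the commands instead of executing them, and applying the rules for real requires root inside the container.

```shell
#!/bin/sh
# Redirect loopback DNS (127.0.0.1:53) to a resolver on 127.0.0.1:8700.
# Locally originated packets hit nat OUTPUT, not nat PREROUTING, so the
# jump into DNS_REDIRECT must live in OUTPUT. REDIRECT relies on conntrack
# to un-NAT the reply, so the resolver's answer comes back looking like it
# was sent from port 53 and dig accepts it.
RESOLVER_PORT="${RESOLVER_PORT:-8700}"
CHAIN="DNS_REDIRECT"

# run: execute the command, or only print it when DRY_RUN is set (assumed helper).
run() {
    if [ -n "$DRY_RUN" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# dns_redirect_rules: create/flush the chain and wire it into nat OUTPUT.
# Run once per container start; re-running would add a duplicate OUTPUT jump.
dns_redirect_rules() {
    run iptables -t nat -N "$CHAIN" 2>/dev/null || true
    run iptables -t nat -F "$CHAIN"
    # Only traffic leaving on loopback; dig retries over TCP on truncation.
    run iptables -t nat -A "$CHAIN" -o lo -p udp --dport 53 -j REDIRECT --to-ports "$RESOLVER_PORT"
    run iptables -t nat -A "$CHAIN" -o lo -p tcp --dport 53 -j REDIRECT --to-ports "$RESOLVER_PORT"
    # The part that is easy to get wrong: OUTPUT, not PREROUTING.
    run iptables -t nat -I OUTPUT 1 -j "$CHAIN"
}

# dns_redirect_check: what to look at when "dig foo.com" still times out.
# Counters on the chain show whether packets are matched at all; the socket
# listing shows whether the resolver is bound on 127.0.0.1 (or 0.0.0.0)
# rather than only on the container's eth0 address; the capture shows
# whether the 8700 reply ever appears on lo.
dns_redirect_check() {
    run iptables -t nat -L "$CHAIN" -v -n
    run iptables -t nat -L OUTPUT -v -n
    run netstat -lnu
    run tcpdump -ni lo -c 10 udp port 53 or udp port "$RESOLVER_PORT"
}
```

Setting DRY_RUN=1 and calling dns_redirect_rules prints the exact iptables commands, which is a convenient way to compare against the output of iptables -t nat -S on the box.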