Issue with resolving external name from pod

philkube · October 10, 2025, 12:24pm

Hi,

Sorry for my English I’m French.

I’ve an issue with resolving/pinging external name/domain on pods (deploy/cronjob).

Sometime (but a lot of time) a pod can’t resolve or ping a name like www.google.fr. The result is the following:

ping: connect: Network is unreachable

nslookup is KO too.

But if I try some minutes after it’s OK.

I’ve a personal DNS installed on a server.

Coredns:

apiVersion: v1

data:

Corefile: |

.:53 {

    errors

    health {

       lameduck 5s

    }

    ready

    kubernetes cluster.local in-addr.arpa ip6.arpa {

       pods insecure

       fallthrough in-addr.arpa ip6.arpa

       ttl 30

    }

    **prometheus** :9153

    forward . /etc/resolv.conf 1.1.1.1 {

       max_concurrent 1000

    }

    cache 30 {

       disable success cluster.local

       disable denial cluster.local

    }

    loop

    reload

    loadbalance

}

local.mydomain:53 {

   errors

   cache 30

   forward . 192.168.1.180

}

All my deploy/cronjobs/jobs have “dnsPolicy: ClusterFirst”.

Thank’s for your help.

Cluster information:

Kubernetes version: v1.34.1
Cloud being used:
Installation method:
Host OS: Rocky Linux
CNI and version: flannel, v1.8.0
CRI and version: cri-dockerd, v0.3.20

Rahul_Yadav · October 11, 2025, 1:34pm

I think the issue not with your coredns but rather with your CNI that is flannel

but still could you share logs of coredns from the time when see the issue and also is flannel pods are running do you see any restarts?

and also could you check this on each node
ip route | grep flannel

Should show routes like: 10.244.X.0/24 via 10.244.x.0 dev flannel.1

philkube · October 11, 2025, 2:20pm

coredns logs:

maxprocs: Leaving GOMAXPROCS=4: CPU quota undefined

.:53

local.mydomain.:53

[INFO] plugin/reload: Running configuration SHA512 = afeb37bccf97106ac5da5c18b2484aca5dc2ca6ec6ade91e44fc3c13c0357965fa588455553e5c70c8b2eedfee7b6a58ba4a54df0c9dba494364bd6910e1ea9d

CoreDNS-1.12.1

linux/arm64, go1.24.1, 707c7c1

[INFO] Reloading

[INFO] plugin/reload: Running configuration SHA512 = ed2f1ea4a03a5f8b082990be99a306136c80a4ffc49c061bba84ac7c8c9a285d9d9b377bf1dd57eb35278d620f8728cf2dae78c65c0fed16a408ba957c86297c

[INFO] Reloading complete

flannel pods are running and any restarts.

ip route | grep flannel:

10.244.1.0/24 via 10.244.1.0 dev flannel.1 onlink

10.244.3.0/24 via 10.244.3.0 dev flannel.1 onlink

Topic		Replies	Views
Unable to resolve pod to pod (coredns) General Discussions coredns	3	4257	August 13, 2020
CoreDNS and problem with resolving hostnames General Discussions	6	9536	November 1, 2021
Problem with DNS resolucion (only sometimes) General Discussions	1	1304	October 5, 2018
External domain name resolution is not working inside pods General Discussions coredns , network	4	2249	September 27, 2024
CoreDNS service pingable, but DNS resolution is not querying the service General Discussions	1	4707	December 11, 2019

Issue with resolving external name from pod

Cluster information:

Related topics