| 7 Sep 2025 |
kraem | passwd: files systemd
group: files [success=merge] systemd
shadow: files systemd
sudoers: files
hosts: mymachines files myhostname dns
networks: files
ethers: files
services: files
protocols: files
rpc: files
| 08:01:37 |
kraem | ok so i think i solved it:
sudo ip netns exec wg strace -e trace=network python3 -c "import socket; socket.getaddrinfo('dn.se', 80)" -> connect(3, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) -> it was using my host's nscd
- temporarily moved the nscd/socket file (long term i should mask it in the service netns)
- spun up a dnsmasq in the netns which uses the upstream resolver i want
- bindmounted /etc/resolv.conf with nameserver 127.0.0.1 (where dnsmasq is listening in the netns) | 09:24:46 |
| 11 Sep 2025 |
adamcstephens | systemctl service-log-level systemd-networkd.service debug . TIL | 02:19:53 |
ghostbuster91 | hi folks, I am using mesh vpn with headscale, adguard DNS and avahi mDNS. How do I now make mDNS addresses available to the vpn network? GPT told me that I need to propagate have something that will answer DNS queries and respond with mDNS entries. Can I do this with adguard or do I need something else? What would you recommend in this case? | 15:31:02 |
K900 | Uhhh what | 15:31:16 |
K900 | Do you want to do mDNS over Tailscale? | 15:31:23 |
K900 | Or do you want to do a subnet router thing that forwards mDNS? | 15:31:34 |
ghostbuster91 | Currently when I am on the lan network I am able to resolve mDNS addresses, but if I turn on the VPN I lose that ability. I want to fix this as not all devices can run vpn client | 15:35:26 |
@saiko:knifepoint.net | is tailscale a tap interface (mac layer)? otherwise, bad news I think unless you can fake mdns somehow | 15:35:43 |
@saiko:knifepoint.net | mdns needs broadcast support and pretty sure you only get that with a layer 2 tunnel | 15:37:08 |
ghostbuster91 | yes, but gpt told me that I could have sth that would answer dns queries by translating them to mDNS | 15:38:31 |
@saiko:knifepoint.net | at that point I would set up a normal dns server with a non-local. zone and use normal dns. I’m just making a somewhat educated guess here so I might be wrong but for this to work with mdns names I assume you need a modified mdns resolver on the client, or serve the local. zone via dns which is forbidden | 15:43:22 |
ghostbuster91 | ok let me take a step back and explain my use-case. Maybe I did something wrong earlier.
I have headscale that has global dns configured that points to my adguard instance. | 15:45:06 |
ghostbuster91 | There I have manual entries xyz.mydomain that point to my server (by the vpn ip address) | 15:45:39 |
ghostbuster91 | one of them is esphome.mydomain | 15:45:46 |
ghostbuster91 | this works great until I want to explore one of the devices listed in esphome dashboard | 15:46:07 |
ghostbuster91 | this devices advertise themselves by mDNS | 15:46:20 |
ghostbuster91 | once I am on the vpn I can see the esphome dashboard but I cannot enter into any device | 15:46:43 |
ghostbuster91 | * once I am on the vpn I can see the esphome dashboard but I cannot enter into any device's details | 15:46:51 |
ghostbuster91 | * these devices advertise themselves by mDNS | 15:47:16 |
@saiko:knifepoint.net | can you make the dashboard proxy the info instead of requiring the client to access the devices directly, or set non-mdns names for the devices? | 15:48:04 |