You are not logged in.

#1 2013-08-07 16:48:48

phollox
Member
Registered: 2013-05-04
Posts: 21

Application specific DNS configuration

Hello fellow Archers,

I have a somewhat particular need. I'm using the excellent package netflix-desktop, to stream netflix within arch. For those who haven't use it yet, it installs a patched version of wine that runs the Microsoft Silverlight plugin with its DRM protection, a requirement for streaming Netflix. It also installs a stripped down Firefox to access Netflix within this wine environment. I would like to be able to stream content from other countries, mostly because the availability of titles in my area.

I managed to install Media Hint, a Firefox extension that gives me access to the US content. I want to configure an access to www.overplay.net, a service that offers me the chance to easily switch my location, based on DNS servers. According to their website, these DNS settings should be put into the router (primary and alternate address of their DNS servers). I don't want to do that. I just want to route my Netflix traffic through their DNS servers. How would you do that?

I tried to configure the DNS settings within wine. There is no network configuration interface, so I created a couple of entries in the  pseudo "Windows" Registry, but it didn't work. Most software obtain their network access from Linux directly. I'm not sure if there's a way to bypass this, and use a different network setting only within wine.

I also installed a Firefox extension that claims it can changes the DNS servers (Switch Host). However, it only changes the hosts file of the wine environment directly from Firefox (something not very secure, BTW). And that's not what I need.

Now I'm thinking about a new network interface that it's only accessed by wine, or by the Firefox within wine. Not sure if that's possible, and I have no idea about how to do it.

I previously posted this question in the Multimedia forum because it's related with video streaming. But then I realize it's more a Networking problem, and it will probably get feedback faster here. I already asked the moderator of the Multimedia subforum to remove my previous post.

If anyone have any advice, a link to a wiki article, anything, thanks in advance. Any help is appreciated.

Last edited by phollox (2013-08-07 16:51:11)


I divide by zero, multiple times per day. Also, I don't believe in tipping

Offline

#2 2013-08-08 22:42:45

MariusMatutiae
Member
Registered: 2012-11-08
Posts: 31

Re: Application specific DNS configuration

Not immediately possible. There is no such thing as "application-dependent routing policy" in *Nix systems. The problem is that there is a single file, /etc/resolv.conf, containing your DNS servers, and its use is not under your control, only the kernel's. There is no per-interface, per-domain, or per-connection setting of any sort.

The only solution that occurs to me is to set up a VM, have netflix run within the VM, and then you may instruct the VM to use whichever DNS servers you wish, independently of the set-up on the host machine.

Offline

#3 2013-08-08 22:51:18

WonderWoofy
Member
From: Los Gatos, CA
Registered: 2012-05-19
Posts: 8,412

Re: Application specific DNS configuration

Rather than a VM, why not just a container?  I imagine you could have a different resolv.conf in an LXC container... or even a chroot or systemd-nspawn (though I have not tried this).  It just seems like it would be a whole lot less stuff going on to simply watch some netflix.

Offline

#4 2013-08-09 15:18:24

phollox
Member
Registered: 2013-05-04
Posts: 21

Re: Application specific DNS configuration

Thanks for the suggestions.

As WonderWoofy says, the VM is an overkill. I just want to stream Netflix, using different network settings than the rest of my Linux machine. I tried to create an /etc/resolv.conf.head, putting the domain netflix.com and the DNS server IP addresses. But I'm not 100% sure that it will route ONLY the traffic of the netflix domain through those DNS servers.

I mentioned before that the default behaviour on wine is to use the linux DNS configuration. I got that from the wine wiki:
http://wine-wiki.org/index.php/Wine_Reg … NameServer

I will try again the wine registry modification, to see if it works.

Thanks again,


I divide by zero, multiple times per day. Also, I don't believe in tipping

Offline

#5 2013-08-09 15:27:33

WonderWoofy
Member
From: Los Gatos, CA
Registered: 2012-05-19
Posts: 8,412

Re: Application specific DNS configuration

I'm not sure if I fully understand what you are trying to do here, but resolv.conf.head will simply append anything it has in it to resolv.conf.  For example, I use dnsmasq, so I have to route all DNS traffic to my localhost, which is really feeding it to dnsmasq.  Then dnsmasq does the IP resolution either through DNS or the local cache.  So I have a resolv.conf.head with just "nameserver 127.0.0.1". 

When I actually connect to a network, lets say for example that I use dhcp, and the dhcp server (router) is set up to have clients use google DNS.  So I would be left with something like this:

# Autogenerated by blah blah
search home.lan
nameserver 127.0.0.1
nameserver 8.8.8.8
nameserver 8.8.4.4

So I don't think that resolv.conf.head is what you are looking for.  It certainly would not apply to wine only.  I really think you need to run a minimal 32 bit chroot that has just the netflix stuff installed to it.  Then just have the DNS set in resolv.conf, and make sure you don't use arch-chroot (because it will bind mount /etc/resolv.conf to <chroot>/etc/resolv.conf).

Offline

#6 2013-08-30 10:59:50

MariusMatutiae
Member
Registered: 2012-11-08
Posts: 31

Re: Application specific DNS configuration

phollox wrote:

Thanks for the suggestions.

As WonderWoofy says, the VM is an overkill.

Perhaps. But it has one major advantage over LXC in Arch: it works out of the box. LXC templates in Arch are all terribly outdated, as you are bound to find out soon, and suffer from the difficulty of having to integrate systemd with non-systemd OSes. The wiki is also outdated, and no one has published a working template for running an arch-linux cotainer within arch-linux.  My experience with LXC's within Arch is, so far, one of my major grievances in the arch-experience.

Last edited by MariusMatutiae (2013-08-30 11:00:32)

Offline

#7 2013-08-30 17:35:14

WonderWoofy
Member
From: Los Gatos, CA
Registered: 2012-05-19
Posts: 8,412

Re: Application specific DNS configuration

Yeah, but systemd includes systemd-nspawn, which should make running an arch container super simple… so having to wade through outdated LXC info is probably not necessary for such a task.

Offline

#8 2013-08-30 17:46:19

headkase
Member
From: Canada
Registered: 2011-12-06
Posts: 1,543
Website

Re: Application specific DNS configuration

MariusMatutiae wrote:

Not immediately possible. There is no such thing as "application-dependent routing policy" in *Nix systems. The problem is that there is a single file, /etc/resolv.conf, containing your DNS servers, and its use is not under your control, only the kernel's. There is no per-interface, per-domain, or per-connection setting of any sort.

The only solution that occurs to me is to set up a VM, have netflix run within the VM, and then you may instruct the VM to use whichever DNS servers you wish, independently of the set-up on the host machine.

/etc/resolv.conf

is overwritten automatically, usually by your dhcp daemon.  However, if you want to use your own nameservers you can add them, and delete the others, to that file and then do:

# chattr +i resolv.conf

and that makes the file immutable so no other changes, no matter from what, will happen to the file.  You can reverse the immutable flag by substituting -i in the given command.

Changes in resolv.conf take effect immediately.


We all make choices, but in the end, our choices make us.

Offline

#9 2013-09-03 14:35:55

MariusMatutiae
Member
Registered: 2012-11-08
Posts: 31

Re: Application specific DNS configuration

To Headkase:

true but not immediately relevant. The point is not whether you can alter at will the content of /etc/resolv.conf (you can, and your way of doing it is a possible solution, even though I prefer the rather less blunt use of resolvconf), but whether you can retain simultaneously two distinct set of DNSs, to be used according to the connection or the application running. By using your dirty trick, you use one set of DNSs, and that's it, you do not use two distint sets simultaneously, which is what the original question was all about.

To WonderWoofy:

thanks for the heads-up, I was not aware of systemd-nspawn. I will look it up.

Last edited by MariusMatutiae (2013-09-03 14:38:49)

Offline

#10 2013-09-03 15:38:40

progandy
Member
Registered: 2012-05-17
Posts: 2,152

Re: Application specific DNS configuration

You can use a LD_PRELOAD library and inject custom dns lookup functions into certain processes instead of the glibc implementation.

Offline

#11 2013-09-04 06:15:53

MariusMatutiae
Member
Registered: 2012-11-08
Posts: 31

Re: Application specific DNS configuration

To WonderWoofy

I am not sure that systemd-nspawn is a solution to this problem at all, WW. The manual page for systemd-nspawn states, at the very beginning:

Network interfaces and the system clock may not be changed from within the container

So, presumably, routing and the whole shebang takes place outside the container, and the new container is still stuck with the unique choice of DNS servers that was discussed above (one set at a time). It is possible there is a smart way to do this, but if so, it cannot be recovered via Google. Have you thought of one?

It seems to me that systemd-nspawn is another intermediate notch between true virtualization (say, VirtualBox) and chroot, only it is a step below LXC. The manual page mentioned above warns against the many limitations of system-nspawn, including some which make it a bit less effective than LXC (e.g. "Device nodes may not be created"). The root of this is this very clear statement from the very same man page:

The intended use of this program is debugging and testing as well as building of packages, distributions and software involved with boot and systems management.

So, even though systemd-nspawn did mitigate my grievance against Arch about the lack of a proper LXC package, it did not fully assuage it, since the overlap between the two is only partial. Cheers.

Offline

#12 2013-09-04 06:28:55

progandy
Member
Registered: 2012-05-17
Posts: 2,152

Re: Application specific DNS configuration

So, even though systemd-nspawn did mitigate my grievance against Arch about the lack of a proper LXC package, it did not fully assuage it, since the overlap between the two is only partial. Cheers.

What is a proper lxc package? There is lxc in the community repo and then the AUR has docker, libvirt-sandbox, lxctl ...

PS: Here is a LD_PRELOAD implementation: https://github.com/hadess/resolvconf-override

Last edited by progandy (2013-09-04 06:35:58)

Offline

#13 2013-09-04 10:33:32

MariusMatutiae
Member
Registered: 2012-11-08
Posts: 31

Re: Application specific DNS configuration

progandy wrote:

What is a proper lxc package? There is lxc in the community repo and then the AUR has docker, libvirt-sandbox, lxctl ...

One with templates working out of the box. If you feel everything is in top shape, could you please help me out with
this post? I would be delighted. Even a suggestion of a previous discussion, or additional material to read would be welcome, because I have exhausted the resources of the wiki. Thanks.

Last edited by MariusMatutiae (2013-09-04 10:38:10)

Offline

#14 2013-09-04 10:37:04

kokoko3k
Member
Registered: 2008-11-14
Posts: 1,526

Re: Application specific DNS configuration

Namespaces and bind mounts is another shoot:
http://glandium.org/blog/?p=217

Offline

#15 2013-09-04 11:21:07

progandy
Member
Registered: 2012-05-17
Posts: 2,152

Re: Application specific DNS configuration

MariusMatutiae wrote:
progandy wrote:

What is a proper lxc package? There is lxc in the community repo and then the AUR has docker, libvirt-sandbox, lxctl ...

One with templates working out of the box. If you feel everything is in top shape, could you please help me out with
this post? I would be delighted. Even a suggestion of a previous discussion, or additional material to read would be welcome, because I have exhausted the resources of the wiki. Thanks.

I havent used it yet, but I have been reading up on it, so thanks for the info.

Offline

#16 2013-09-04 14:57:10

Lekensteyn
Member
From: Netherlands
Registered: 2012-06-19
Posts: 181
Website

Re: Application specific DNS configuration

As progandy suggested, LD_PRELOAD should work, but I found an easier alternative (not tested) at Unix.SE:

matlehmann wrote:

I was looking for a way to run a program with modified DNS resolution for testing purposes. For me, the solution was using the HOSTALIASES environment variable:

$ echo "foo www.google.com" >> ~/.hosts
$ HOSTALIASES=~/.hosts
$ wget foo

See hostname(7).

Offline

#17 2013-09-04 15:30:02

progandy
Member
Registered: 2012-05-17
Posts: 2,152

Re: Application specific DNS configuration

Lekensteyn wrote:

As progandy suggested, LD_PRELOAD should work, but I found an easier alternative (not tested) at Unix.SE:

matlehmann wrote:

I was looking for a way to run a program with modified DNS resolution for testing purposes. For me, the solution was using the HOSTALIASES environment variable:

I don't think that will work if you want to replace the complete dns server.

I testet the LD_PRELOAD override and it works:

$ git clone https://github.com/hadess/resolvconf-override
$ cd resolvconf-override
$ gcc -Wall -O2 -fpic -shared -ldl -o libresolvconf_override.so resolvconf-override.c

## Test with http://www.cesidianroot.net/
$ gethostip -f dig.root
dig.root: Unknown host
$ LD_PRELOAD=./libresolvconf_override.so NAMESERVER1=78.47.115.194 gethostip -f dig.root
dig.cesidian.info 178.254.21.243 B2FE15F3
$ gethostip -f dig.cesidian.info
dig.cesidian.info 178.254.21.243 B2FE15F3
$ LD_PRELOAD=./libresolvconf_override.so NAMESERVER1=78.47.115.194 gethostip -f dig.cesidian.info
dig.cesidian.info 178.254.21.243 B2FE15F3

Offline

Board footer

Powered by FluxBB