100k DNS requests within 10 minutes. This happens also if none of the container...">

> 100k DNS requests within 10 minutes for "notify.bugsnag.com" · Issue #13722 · docker/for-win (original) (raw)

Description

Having a DNS server in place blocking requests for "notify.bugsnag.com" causes Docker Desktop to create > 100k DNS requests within 10 minutes.
This happens also if none of the containers is running.

Reproduce

  1. Use a DNS server which responds to DNS queries for "notify.bugsnag.com" with 0.0.0.0 or NODATA (see "Pi-hole's unspecified IP or NULL blocking mode" and "Pi-hole's NODATA blocking mode" in https://docs.pi-hole.net/ftldns/blockingmode/)
  2. Start Docker Desktop
  3. See the number of queries rise to a high level (e.g. in Microsoft Network Monitor or in Pi-hole log)

Expected behavior

I would expect that Docker Desktops stops trying to resolve the address in case it gets "0.0.0.0" as IP for "notify.bugsnag.com"

docker version

Client: Cloud integration: v1.0.35+desktop.5 Version: 24.0.6 API version: 1.43 Go version: go1.20.7 Git commit: ed223bc Built: Mon Sep 4 12:32:48 2023 OS/Arch: windows/amd64 Context: default

Server: Docker Desktop 4.24.1 (123237) Engine: Version: 24.0.6 API version: 1.43 (minimum version 1.12) Go version: go1.20.7 Git commit: 1a79695 Built: Mon Sep 4 12:32:16 2023 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.6.22 GitCommit: 8165feabfdfe38c65b599c4993d227328c231fca runc: Version: 1.1.8 GitCommit: v1.1.8-0-g82f18fe docker-init: Version: 0.19.0 GitCommit: de40ad0

docker info

Client: Version: 24.0.6 Context: default Debug Mode: false Plugins: buildx: Docker Buildx (Docker Inc.) Version: v0.11.2-desktop.5 Path: C:\Program Files\Docker\cli-plugins\docker-buildx.exe compose: Docker Compose (Docker Inc.) Version: v2.22.0-desktop.2 Path: C:\Program Files\Docker\cli-plugins\docker-compose.exe dev: Docker Dev Environments (Docker Inc.) Version: v0.1.0 Path: C:\Program Files\Docker\cli-plugins\docker-dev.exe extension: Manages Docker extensions (Docker Inc.) Version: v0.2.20 Path: C:\Program Files\Docker\cli-plugins\docker-extension.exe init: Creates Docker-related starter files for your project (Docker Inc.) Version: v0.1.0-beta.8 Path: C:\Program Files\Docker\cli-plugins\docker-init.exe sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.) Version: 0.6.0 Path: C:\Program Files\Docker\cli-plugins\docker-sbom.exe scan: Docker Scan (Docker Inc.) Version: v0.26.0 Path: C:\Program Files\Docker\cli-plugins\docker-scan.exe scout: Docker Scout (Docker Inc.) Version: v1.0.7 Path: C:\Program Files\Docker\cli-plugins\docker-scout.exe

Server: Containers: 2 Running: 0 Paused: 0 Stopped: 2 Images: 20 Server Version: 24.0.6 Storage Driver: overlay2 Backing Filesystem: extfs Supports d_type: true Using metacopy: false Native Overlay Diff: true userxattr: false Logging Driver: json-file Cgroup Driver: cgroupfs Cgroup Version: 1 Plugins: Volume: local Network: bridge host ipvlan macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog Swarm: inactive Runtimes: io.containerd.runc.v2 runc Default Runtime: runc Init Binary: docker-init containerd version: 8165feabfdfe38c65b599c4993d227328c231fca runc version: v1.1.8-0-g82f18fe init version: de40ad0 Security Options: seccomp Profile: unconfined Kernel Version: 5.10.102.1-microsoft-standard-WSL2 Operating System: Docker Desktop OSType: linux Architecture: x86_64 CPUs: 12 Total Memory: 31.23GiB Name: docker-desktop ID: 04bf0df4-4d6d-4d1f-be28-ff7cc2dee1d6 Docker Root Dir: /var/lib/docker Debug Mode: false HTTP Proxy: http.docker.internal:3128 HTTPS Proxy: http.docker.internal:3128 No Proxy: hubproxy.docker.internal Experimental: false Insecure Registries: hubproxy.docker.internal:5555 127.0.0.0/8 Live Restore Enabled: false

WARNING: No blkio throttle.read_bps_device support WARNING: No blkio throttle.write_bps_device support WARNING: No blkio throttle.read_iops_device support WARNING: No blkio throttle.write_iops_device support WARNING: daemon is not using the default seccomp profile

Diagnostics ID

1CF3E576-798B-4A52-B525-1901E4F4EFE0/20231005092142

Additional Info

The only workaround I found so far is to add "notify.bugsnag.com" to the whitelist in Pi-hole.