Using dnsmasq in a Docker container for the host and for Docker internal DNS resolution

Question

I'm working on a web project that consists of multiple services. Every service has it's own docker-compose.yml file that declares it's "app" and it's possible dependencies (databases etc). To have them all play nicely together, I have built a local dev env that ties them together with an nginx proxy that has server blocks with proper servernames and then proxy_pass'es the requests to the actual containers using Docker's networking.

I've also added dnsmasq in a container as well to aid with DNS, to use the domain names locally instead of localhost:port combo's (by adding a resolver for the test tld to 127.0.0.1).

Proxy docker-compose:

services:
    local-proxy:
        build: ./nginx
        ports:
            - 80:80
            - 443:443

    local-proxy-dnsmasq:
        build: ./dnsmasq # builds on top of 4km3/dnsmasq
        ports:
            - "53:53/tcp"
            - "53:53/udp"
        cap_add:
            - NET_ADMIN
networks:
    default:
        external:
            name: domain-local

dnsmasq.conf:

listen-address=0.0.0.0
interface=eth0
user=root

address=/.test/0.0.0.0

example proxy nginx server:

server {
    server_name login.domain.test;
    location / {
        # headers...
        proxy_pass http://domain-login:8080;
    }
}

example docker-compose of one of the services:

services:
    domain-login:
        build: # ...
        networks:
            - default
            - domain-local

All of this works perfectly fine in the browser, I can go to tenant.domain.test , get redirected to login.domain.test...

However, when the container running tenant.domain.test has to make a curl request from it's container to one of the others (e.g. login.domain.test to complete the oauth flow), it borks as it's trying to resolve login.domain.test by going to itself:

root@6d25c2f5daf1:/var/www/app# nslookup login.domain.test
Server:     127.0.0.11
Address:    127.0.0.11#53

Non-authoritative answer:
Name:   login.domain.test
Address: 0.0.0.0
;; connection timed out; no servers could be reached

If I change the dnsmasq.conf from address=/.test/0.0.0.0 to address=/.test/10.0.1.102 (the currently assigned IP of my computer), everything works. However this is of course not a working solution for coworkers for example. Can anyone set me on the correct Google path potentially or have a fix?

Answer 1

The line address=/.test/0.0.0.0 tells dnsmasq to resolve domain name test to IP address 0.0.0.0. The address 0.0.0.0 is not a valid IP address. It is handled by some browsers (e.g. chrome) as 127.0.0.1 but it is non-standard behaviour.