Vault DNS Resolution fails on VPN now that --with-dynamic is gone

(Adam Baker) #1

First, let me say that I think Homebrew is an awesome project and it’s made using open source tools on macOS just as seamless as they are on Linux.

Back in 2017 when I first started using Vault I discovered that Vault from Homebrew didn’t work correctly when I was working offlsite over VPN because it was using Go’s internal resolver which, from my understanding, is relatively naive and just uses what’s in /etc/resolv.conf and doesn’t have a way to use DNS servers provided by a VPN connection. Then I came across this issue which allowed me to get Vault to work by using the --with-dynamic option which instructs Go to build Vault with support to use the native system resolver.

I updated a couple of days ago and discovered that Vault no longer works over VPN because of the DNS resolution issue. Then I discovered this issue:

Further reading Issues, including , would also indicate that options are never coming back, no matter what.

Question: Since not having --with-dynamic makes Vault completely unusable for myself and members of my team when we have to work remotely, what alternatives do we have other than finding a non-brew way to install and update Vault?

Update: it would seem that the Go project is aware of the shortcomings of the Go native resolver - - perhaps a worthwhile place for anyone who is experiencing the same issue to chime in.

(Sean Molenaar) #2

You could use the information here: to maintain your own version of the formula until go fixes their DNS.

(Marcus Maxwell) #3

I’ve setup a tap for those interested