From cb0f0f133d3f91aa117ef330d7f6ab36992cb279 Mon Sep 17 00:00:00 2001 From: didericis Date: Tue, 12 May 2026 15:48:55 -0400 Subject: [PATCH] docs(prd): resolve gate-DNS open question on 0007 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Spike: container on a `--internal` user-defined network resolves another container's name via the embedded resolver at 127.0.0.11 and reaches it over TCP, while egress to the public internet remains blocked. The PRD's design assumption holds — no design change needed. --- docs/prds/0007-ssh-egress-gate.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/docs/prds/0007-ssh-egress-gate.md b/docs/prds/0007-ssh-egress-gate.md index d4fca13..f2f816a 100644 --- a/docs/prds/0007-ssh-egress-gate.md +++ b/docs/prds/0007-ssh-egress-gate.md @@ -170,10 +170,14 @@ dataclass (`SSHGatePlan`) under `claude_bottle/ssh_gate.py`. - Connection-level audit log: socat's `-v` mode logs every connect/close. Worth piping into the bottle's stderr stream, or is that noise? Default off, reconsider if debugging gets hard. -- Docker DNS for the `` hostname inside the +- ~~Docker DNS for the `` hostname inside the agent: works via Docker's embedded resolver on user-defined networks. Verify on the `--internal` network specifically before - implementation. + implementation.~~ **Resolved.** Spike confirmed: a container on + a `--internal` user-defined network resolves another + container's name via the embedded resolver at 127.0.0.11 and + reaches it over TCP, while egress to the public internet + remains blocked. The PRD's design assumption holds. ## References
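Review bot: The resolution note in the `@@ -170,10 +170,14 @@` hunk records the outcome of the spike but not how it was run; since this closes an open question the gate's design depends on, add one line stating the Docker version, the network setup used (`--internal` user-defined network) and what the "egress to the public internet remains blocked" check actually attempted (a TCP connect to an outside address, a lookup of an external name via 127.0.0.11, or both), so the result can be reproduced if Docker's resolver behaviour changes. Also, the code span naming the hostname reads as empty (the `` `` in "Docker DNS for the `` hostname") in both the removed and the added line; confirm the intended hostname identifier is present in the source file rather than lost, as the sentence is not readable without it.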