NixOS LXC (Proxmox) can't reach local domains

Seedsca · July 10, 2025, 5:50am

Hi all,

I’m having issues where I can ping a host on my LAN with their IP, but not their domain name. It’s setup correctly, since I can do so with other NixOS VMs in Proxmox and other LXCs as well.

I have pared down the configuration.nix file as much as I know how, but the problem persists:

{ config, pkgs, modulesPath, ... }:

{
  imports =
    [
    (modulesPath + "/virtualisation/proxmox-lxc.nix")
    ];

  networking.hostName = "nixos"; # Define your hostname.

  # Enable networking
  networking.networkmanager.enable = true;

  # Set your time zone.
  time.timeZone = "America/Los_Angeles";

  # Select internationalisation properties.
  i18n.defaultLocale = "en_US.UTF-8";

  i18n.extraLocaleSettings = {
    LC_ADDRESS = "en_US.UTF-8";
    LC_IDENTIFICATION = "en_US.UTF-8";
    LC_MEASUREMENT = "en_US.UTF-8";
    LC_MONETARY = "en_US.UTF-8";
    LC_NAME = "en_US.UTF-8";
    LC_NUMERIC = "en_US.UTF-8";
    LC_PAPER = "en_US.UTF-8";
    LC_TELEPHONE = "en_US.UTF-8";
    LC_TIME = "en_US.UTF-8";
  };

  # Define a user account. Don't forget to set a password with ‘passwd’.
  users.users.sergio = {
    isNormalUser = true;
    description = "Sergio";
    extraGroups = [ "networkmanager" "wheel" ];
    packages = with pkgs; [
    ];
  };

  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with pkgs; [
     vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
  ];

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It‘s perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "24.05"; # Did you read the comment?

}

The /etc/nsswitch.conf on the LXC looks like this:

passwd:    files systemd
group:     files [success=merge] systemd
shadow:    files
sudoers:   files

hosts:     mymachines resolve [!UNAVAIL=return] files myhostname dns
networks:  files

ethers:    files
services:  files
protocols: files
rpc:       files

The same file on my working VM is this:

passwd:    files systemd
group:     files [success=merge] systemd
shadow:    files
sudoers:   files

hosts:     mymachines mdns4_minimal [NOTFOUND=return] files myhostname dns mdns4
networks:  files

ethers:    files
services:  files
protocols: files
rpc:       files

Not really what is setting the files differently, but also not able to figure out how to change it…
This is the version on the LXC:

nixos-version
25.11pre826938.9807714d6944 (Xantusia)

Thanks for any input!

Seedsca · July 11, 2025, 11:36pm

Strangely, I had to add nameservers and search to networkign in order for this to work. Not sure why, since I don’t think I have this setup on my other NixOS configuration.

  networking = {
    networkmanager.enable = true;
    nameservers = [ "192.168.10.101" ]; #Pi-Hole
    search = [ "my.host" ];
  };

/etc/resolv.conf does not show the nameserver, though. But I can’t ping my.host local subdomains without adding it to nameservers…

nameserver 127.0.0.53
options edns0 trust-ad
search my.host

And NetworkManager may not be a good option?

cat /etc/NetworkManager/NetworkManager.conf

[connection]
ethernet.cloned-mac-address=preserve
wifi.cloned-mac-address=preserve
wifi.powersave=null

[device]
wifi.backend=wpa_supplicant
wifi.scan-rand-mac-address=true

[keyfile]
unmanaged-devices=null

[logging]
audit=false
level=WARN

[main]
dhcp=internal
dns=systemd-resolved
plugins=keyfile
rc-manager=unmanaged

FrankLawrence · September 5, 2025, 11:37am

After setting

networkmanager = {
  enable = true;
  dns = "none";
};

, it correctly updates the nameserver in the /etc/resolv.conf file.