
RE: openshift dns as delegated domain



> From: Aleksandar Lazic [mailto:aleks me2digital eu]
> 
> You can add for example on master01 the following line in
> /etc/sysconfig/iptables.
> 
> -A OS_FIREWALL_ALLOW -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
> 
> Then you only need to point the ns entry to the master01 and of course
> your clients must be able to reach master01 via udp 53.

That is for sure required, but it seems not to be enough. That just allows getting name resolution when binding directly to the dnsmasq.
But what I want is not to add master01 to my node DNS server list, but to let my standard DNS ask master01 for anything below cluster.local, as it does with any other query for non-local domains.

Let's say, after opening 53/udp I can do (10.1.0.155 is the master01 address)
    nslookup registry-console-default.router.default.svc.cluster.local - 10.1.0.155
but what I want is to succeed just with
    nslookup registry-console-default.router.default.svc.cluster.local

I can do that with a dnsmasq instance that I fully manage, but the first step is to make it authoritative (http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html#lbAH), and I cannot do that with the OpenShift one, which is by definition a forward-only instance.

Javier Palacios
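
The authoritative versus forward-only distinction in the message above can be checked on the wire through the AA bit of the DNS response header (RFC 1035). The following is an added example, not part of the original thread or of OpenShift: the function names are hypothetical, and the two responses and the 172.30.0.10 answer address are constructed for illustration.

```python
import socket
import struct

def build_query(name, qtype=1, txid=0x1234, recursion_desired=False):
    """Build a DNS query. RD is clear by default, as in an iterative query
    sent by a resolver that is following a delegation."""
    flags = 0x0100 if recursion_desired else 0
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def parse_flags(msg):
    """Decode the fixed 12-byte DNS header."""
    if len(msg) < 12:
        raise ValueError("truncated DNS message")
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "qr": bool(flags & 0x8000), "aa": bool(flags & 0x0400),
            "rd": bool(flags & 0x0100), "ra": bool(flags & 0x0080),
            "rcode": flags & 0x000F, "ancount": an}

def answers_authoritatively(msg):
    """True if this is a response with AA set and NOERROR or NXDOMAIN."""
    f = parse_flags(msg)
    return f["qr"] and f["aa"] and f["rcode"] in (0, 3)

def ask(server, name, timeout=2.0):
    """Send the query over UDP/53 and return the raw response (live use only)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        return s.recvfrom(4096)[0]

def constructed_response(query, flags):
    """Constructed sample: echo the question and append one A record."""
    header = query[:2] + struct.pack("!HHHHH", flags, 1, 1, 0, 0)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 30, 4) + bytes([172, 30, 0, 10])
    return header + query[12:] + answer

if __name__ == "__main__":
    q = build_query("registry-console-default.router.default.svc.cluster.local")
    forwarded = constructed_response(q, 0x8080)      # QR + RA, no AA (forwarder style)
    authoritative = constructed_response(q, 0x8400)  # QR + AA
    for label, msg in (("forwarded", forwarded), ("authoritative", authoritative)):
        print(label, parse_flags(msg), "authoritative:", answers_authoritatively(msg))
```

Against a live server, `answers_authoritatively(ask("10.1.0.155", name))` reports whether the answer on 53/udp carries the AA bit.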

