Hi Javier.

On Monday, 05 June 2017 at 14:06 you wrote:

>> From: Aleksandar Lazic [mailto:[email protected]]
>> >
>> > I would like to convert the skydns built into openshift into a
>> > delegated zone of our own DNS domain. I've seen that it runs at 8053,
>>
>> The dnsmasq is not a workaround, it's the solution for keeping DNS
>> resolving up and running.
>
> Maybe I didn't explain well enough. I don't want to get DNS
> resolution from within the openshift nodes towards themselves or the
> outside. I want to make the **.cluster.local names resolvable from the
> outside.

Due to the fact that dnsmasq listens by default on all interfaces

    netstat -tulpn|egrep 'Pro|dns'
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      97429/dnsmasq
    tcp6       0      0 :::53                   :::*                    LISTEN      97429/dnsmasq
    udp        0      0 0.0.0.0:53              0.0.0.0:*                           97429/dnsmasq
    udp6       0      0 :::53                   :::*                                97429/dnsmasq

you can add udp 53 to the OS_FIREWALL_ALLOW chain on the nodes which you want
to use as dns resolver for cluster.local?

You can add for example on master01 the following line in
/etc/sysconfig/iptables.

    -A OS_FIREWALL_ALLOW -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT

Then you only need to point the ns entry to the master01 and of course
your clients must be able to reach master01 via udp 53.

Does this help?

> Javier Palacios

-- 
Best Regards
Aleksandar Lazic - ME2Digital e. U.
https://me2digital.online/
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
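
An added example, not part of the original message: a small shell audit that compares the port-53 listener table quoted above with the rules in OS_FIREWALL_ALLOW and reports, per protocol, whether the wildcard dnsmasq listener is reachable and from which sources. The function names and the sample rules fragment are constructed for illustration; only the IPv4 rules file is checked.

```sh
#!/bin/sh
# Constructed sample: listener table as quoted in the message above.
SAMPLE_NETSTAT='tcp   0  0 0.0.0.0:53  0.0.0.0:*  LISTEN  97429/dnsmasq
tcp6  0  0 :::53       :::*       LISTEN  97429/dnsmasq
udp   0  0 0.0.0.0:53  0.0.0.0:*          97429/dnsmasq
udp6  0  0 :::53       :::*               97429/dnsmasq'

# Constructed sample: /etc/sysconfig/iptables fragment with the suggested rule.
SAMPLE_RULES='-A OS_FIREWALL_ALLOW -p tcp -m state --state NEW -m tcp --dport 8443 -j ACCEPT
-A OS_FIREWALL_ALLOW -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT'

# wildcard_listener PROTO NETSTAT_TEXT
# Prints "yes" if PROTO has a port-53 socket bound to all addresses.
wildcard_listener() {
  printf '%s\n' "$2" | awk -v p="$1" '
    $1 == p && ($4 == "0.0.0.0:53" || $4 == ":::53") { found = 1 }
    END { print (found ? "yes" : "no") }'
}

# allow_rule PROTO RULES_TEXT
# Prints "any-source", "restricted" (rule has a source match) or "none"
# for ACCEPT rules on destination port 53 in OS_FIREWALL_ALLOW.
allow_rule() {
  printf '%s\n' "$2" | awk -v p="$1" '
    $1 == "-A" && $2 == "OS_FIREWALL_ALLOW" {
      proto = ""; dport = ""; src = 0; accept = 0
      for (i = 3; i <= NF; i++) {
        if ($i == "-p") proto = $(i + 1)
        if ($i == "--dport") dport = $(i + 1)
        if ($i == "-s" || $i == "--source") src = 1
        if ($i == "-j" && $(i + 1) == "ACCEPT") accept = 1
      }
      if (proto == p && dport == "53" && accept) {
        if (src) limited = 1; else anysrc = 1
      }
    }
    END { print (anysrc ? "any-source" : (limited ? "restricted" : "none")) }'
}

# dns_exposure NETSTAT_TEXT RULES_TEXT: one summary line per protocol.
dns_exposure() {
  for proto in udp tcp; do
    printf '%s listener=%s firewall=%s\n' "$proto" \
      "$(wildcard_listener "$proto" "$1")" "$(allow_rule "$proto" "$2")"
  done
}

dns_exposure "$SAMPLE_NETSTAT" "$SAMPLE_RULES"
```

With the rule as suggested, UDP 53 is accepted from any source while the TCP 53 listener stays filtered; adding a source match to the rule changes the UDP result to `restricted`. Resolvers retry over TCP when a UDP answer is truncated, so the TCP line is worth reviewing too.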
