> From: Aleksandar Lazic [mailto:[email protected]]
>
> You can add for example on master01 the following line in
> /etc/sysconfig/iptables.
>
> -A OS_FIREWALL_ALLOW -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
>
> Then you only need to point the ns entry to the master01 and of course
> your clients must be able to reach master01 via udp 53.

That is certainly required, but it seems not to be enough. That just allows
getting name resolution when binding directly to the dnsmasq.
But what I want is not to add master01 to my node DNS server list, but to let my
standard DNS ask master01 for anything below cluster.local, as it does
with any other query for non-local domains.
Let's say, after opening 53/udp I can do (10.1.0.155 is the master01 address)
nslookup registry-console-default.router.default.svc.cluster.local
registry-console-default.router.default.svc.cluster.local - 10.1.0.155
but what I want is to succeed just with
nslookup registry-console-default.router.default.svc.cluster.local
registry-console-default.router.default.svc.cluster.local
I can do that with a dnsmasq instance that I fully manage, but the first step
is to make it authoritative
(http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html#lbAH), and I cannot
do that with the OpenShift one, which is by definition a forward-only instance.
Javier Palacios