From 19d509dc35df232dc1703a4d8b2bad23eb2ff6cb Mon Sep 17 00:00:00 2001
From: Joseph Hanson
Date: Fri, 26 May 2023 18:24:50 -0500
Subject: [PATCH] Switching from dnsdist to nextdns.
---
 config-parts/firewall-name.sh | 8 ++++++++
 config-parts/service-dhcp_server.sh | 4 ++--
 2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/config-parts/firewall-name.sh b/config-parts/firewall-name.sh
index bd94e70..d6142e8 100644
--- a/config-parts/firewall-name.sh
+++ b/config-parts/firewall-name.sh
@@ -430,6 +430,14 @@ set firewall name servers-local rule 8 description 'Rule: accept_bgp_2'
 set firewall name servers-local rule 8 destination port '3784'
 set firewall name servers-local rule 8 protocol 'udp'
 set firewall name servers-local rule 8 source group address-group 'k8s_nodes'
+set firewall name servers-local rule 9 action 'accept'
+set firewall name servers-local rule 9 description 'Rule: accept_dns_udp'
+set firewall name servers-local rule 9 destination port '53'
+set firewall name servers-local rule 9 protocol 'udp'
+set firewall name servers-local rule 10 action 'accept'
+set firewall name servers-local rule 10 description 'Rule: accept_dns_tcp'
+set firewall name servers-local rule 10 destination port '53'
+set firewall name servers-local rule 10 protocol 'tcp'
 # From SERVERS to CONTAINERS
 set firewall name servers-containers default-action 'accept'
diff --git a/config-parts/service-dhcp_server.sh b/config-parts/service-dhcp_server.sh
index cd5f94c..d28c7ab 100644
--- a/config-parts/service-dhcp_server.sh
+++ b/config-parts/service-dhcp_server.sh
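Review bot: Rules 9 and 10 of servers-local accept port 53 with no address match at all, whereas rule 8 just above is scoped with `source group address-group 'k8s_nodes'`; as written, any host in the SERVERS zone can reach a DNS listener on any of the router's addresses. The DHCP change in this patch advertises only 10.1.1.1 to that subnet, so pinning both rules to it keeps the exposure to what is needed: `set firewall name servers-local rule 9 destination address '10.1.1.1'`, and the same for rule 10. A one-line comment above rule 9, such as `# DNS from SERVERS to the router's resolver (nextdns)`, would record why the accept exists. The servers-local rule set starts above this hunk, so its earlier rules and default action are not visible here.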
@@ -130,7 +130,7 @@ set service dhcp-server shared-network-name SERVERS ping-check
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 default-router '10.1.1.1'
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 domain-name 'jahanson.tech'
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 lease '86400'
-set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 name-server '10.5.0.4'
+set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 name-server '10.1.1.1'
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 range 0 start '10.1.1.200'
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 range 0 stop '10.1.1.254'
@@ -160,7 +160,7 @@ set service dhcp-server shared-network-name TRUSTED ping-check
 set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 default-router '10.1.2.1'
 set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 domain-name 'jahanson.tech'
 set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 lease '86400'
-set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 name-server '10.5.0.4'
+set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 name-server '10.1.2.1'
 set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 range 0 start '10.1.2.200'
 set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 range 0 stop '10.1.2.254'
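Review bot: With `lease '86400'` on the SERVERS subnet here and on the TRUSTED subnet in the next hunk, clients that already hold a lease keep querying 10.5.0.4 until they renew, which can be most of a day after this is committed. The subject suggests the old dnsdist resolver is going away, although nothing in this patch removes it; if it is retired in the same rollout, those clients lose name resolution in the meantime. Either keep 10.5.0.4 answering for one lease period or state the cutover order in the commit message.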
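Review bot: The TRUSTED subnet is now handed 10.1.2.1 as its resolver, but the only firewall change in this patch is the pair of port-53 accepts in servers-local; the diffstat shows no other firewall hunk. If the TRUSTED-to-local rule set (presumably `trusted-local`, following the `servers-local` naming; it is not visible here) does not already accept udp and tcp 53, TRUSTED clients receive a resolver address they cannot reach. Please confirm that rule set has equivalent DNS rules, or add them in this commit alongside rules 9 and 10.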