diff options
| author | Chris Poole <github@hackernet.co.uk> | 2021-10-19 18:08:40 +0100 |
|---|---|---|
| committer | rebortg <github@ghlr.de> | 2021-10-19 21:03:34 +0200 |
| commit | 8c3a5f67bdede474f9cadc00bac9f04c67655c0e (patch) | |
| tree | 75bcde1e4c6a5ad9cbe4f615ff106a77ce23257c /docs/configuration/service/dns.rst | |
| parent | d99bd4e9eb3a47fab59ecb36306716b1821981aa (diff) | |
| download | vyos-documentation-8c3a5f67bdede474f9cadc00bac9f04c67655c0e.tar.gz vyos-documentation-8c3a5f67bdede474f9cadc00bac9f04c67655c0e.zip | |
Update dns.rst with forwarding source-address
Add documentation for "set service dns forwarding source-address <address>"
We needed this setting in a split-horizon DNS down a VPN tunnel to force the source address to a an IP that can be routed back instead of the VPN tunnel endpoint, but can only find it described in the command line currently.
(cherry picked from commit 4ef2f73b26cffa320ab9724b4bb742aee327e859)
Diffstat (limited to 'docs/configuration/service/dns.rst')
| -rw-r--r-- | docs/configuration/service/dns.rst | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/docs/configuration/service/dns.rst b/docs/configuration/service/dns.rst index 72123c5d..c012435b 100644 --- a/docs/configuration/service/dns.rst +++ b/docs/configuration/service/dns.rst @@ -111,7 +111,12 @@ avoid being tracked by the provider of your upstream DNS server. The local IPv4 or IPv6 addresses to bind the DNS forwarder to. The forwarder will listen on this address for incoming connections. -.. cfgcmd:: set service dns forwarding no-server-rfc1918 +.. cfgcmd:: set service dns forwarding source-address <address> + + The local IPv4 or IPv6 addresses to use as a source address for sending queries. + The forwarder will send forwarded outbound DNS requests from this address. + +.. cfgcmd:: set service dns forwarding no-serve-rfc1918 This makes the server authoritatively not aware of: 10.in-addr.arpa, 168.192.in-addr.arpa, 16-31.172.in-addr.arpa, which enabling upstream |