Skip to content

Commit dc1de5b

Browse files
wgabor0427wgabor0427
committed
OCPBUGS-20395 replaced URLs in upstream section openshift#6 in both the code and comment below (configuring-dns-forwarding-with-tls.adoc)
1 parent 1b25ad9 commit dc1de5b

File tree

1 file changed

+4
-4
lines changed

1 file changed

+4
-4
lines changed

modules/configuring-dns-forwarding-with-tls.adoc

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -48,8 +48,8 @@ spec:
4848
serverName: dnstls.example.com <4>
4949
policy: Random <5>
5050
upstreams: <6>
51-
- 1.1.1.1
52-
- 2.2.2.2:5353
51+
- 192.0.2.1
52+
- 192.0.2.2:5353
5353
upstreamResolvers: <7>
5454
transportConfig:
5555
transport: TLS
@@ -67,7 +67,7 @@ spec:
6767
<3> When configuring TLS for forwarded DNS queries, set the `transport` field to have the value `TLS`.
6868
<4> When configuring TLS for forwarded DNS queries, this is a mandatory server name used as part of the server name indication (SNI) to validate the upstream TLS server certificate.
6969
<5> Defines the policy to select upstream resolvers. Default value is `Random`. You can also use the values `RoundRobin`, and `Sequential`.
70-
<6> Required. Use it to provide upstream resolvers. A maximum of 15 `upstreams` entries are allowed per `forwardPlugin` entry.
70+
<6> Required. Use it to provide upstream resolvers. A maximum of 15 `upstreams` entries are allowed per `forwardPlugin` entry. These are IP addresses that you maintain/operate and are connected to your internal DNS servers.
7171
<7> Optional. You can use it to override the default policy and forward DNS resolution to the specified DNS resolvers (upstream resolvers) for the default domain. If you do not provide any upstream resolvers, the DNS name queries go to the servers in `/etc/resolv.conf`.
7272
<8> Only the `Network` type is allowed when using TLS and you must provide an IP address. `Network` type indicates that this upstream resolver should handle forwarded requests separately from the upstream resolvers listed in `/etc/resolv.conf`.
7373
<9> The `address` field must be a valid IPv4 or IPv6 address.
@@ -94,7 +94,7 @@ apiVersion: v1
9494
data:
9595
Corefile: |
9696
example.com:5353 {
97-
forward . 1.1.1.1 2.2.2.2:5353
97+
forward . 192.0.2.1 192.0.2.2:5353
9898
}
9999
bar.com:5353 example.com:5353 {
100100
forward . 3.3.3.3 4.4.4.4:5454 <1>

0 commit comments

Comments
 (0)