Michal Opala edited this page Jan 25, 2024 · 9 revisions

DNS

This feature implements a DNS recursor. Its main use case is to provide DNS to VMs running inside an isolated (no Internet access), private VNET.

For example, to enable the recursor on a 172.20.0.0/24 VNET:

CONTEXT = [
  ...
  ONEAPP_VROUTER_ETH1_VIP0 = "172.20.0.123",
  ...
  ONEAPP_VNF_DNS_ENABLED         = "YES",
  ONEAPP_VNF_DNS_INTERFACES      = "eth1",
  ONEAPP_VNF_DNS_MAX_CACHE_TTL   = "",
  ONEAPP_VNF_DNS_USE_ROOTSERVERS = "YES",
  ...
]

The 172.20.0.0/24 VNET should have its DNS parameter set to 172.20.0.123 (the VIP):

$ onevnet show private -j | jq -r .VNET.TEMPLATE.DNS
172.20.0.123

The backend VM should inherit the DNS setting:

CONTEXT = [
  ...
  ETH0_DNS = "172.20.0.123",
  ...
]

Context Configuration Attributes

| Parameter | Default | Description |
|---|---|---|
| ONEAPP_VNF_DNS_ENABLED | NO | Enable/Disable DNS feature (YES/NO) |
| ONEAPP_VNF_DNS_INTERFACES | all NICs | List of NICs to listen on (<[!]ethX> ...) |
| ONEAPP_VNF_DNS_MAX_CACHE_TTL | 3600 | Maximum caching time (seconds) |
| ONEAPP_VNF_DNS_USE_ROOTSERVERS | YES | Use root name servers directly (YES/NO) |
| ONEAPP_VNF_DNS_NAMESERVERS | none | List of upstream NSs to forward queries to (<IP>[@<PORT>] ...) |
| ONEAPP_VNF_DNS_UPSTREAM_TIMEOUT | 1128 | Upstream NS connection timeout (milliseconds) |
| ONEAPP_VNF_DNS_ALLOWED_NETWORKS | all SNs | Client networks from which queries are allowed (<network>/<prefix> ...) |
| ONEAPP_VNF_DNS_TCP_DISABLED | NO | Enable/Disable service over TCP (YES/NO) |
| ONEAPP_VNF_DNS_UDP_DISABLED | NO | Enable/Disable service over UDP (YES/NO) |
| ONEAPP_VNF_DNS_CLUSTER_DOMAIN | vr | Expose ipX.ethY.vr, vipX.ethY.vr and epX.ethY.vr DNS local-zone names |

Note

The epX.ethY.vr local-zone names are constructed from the other two, ipX.ethY.vr and vipX.ethY.vr, with the VIP ones always taking precedence. For example, when ip0.eth0.vr = 1.2.3.4 and vip0.eth0.vr = 1.2.3.254, ep0.eth0.vr (endpoint0) is always set to 1.2.3.254.
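The precedence rule from the note, as an added example (not the appliance's own code) that can be used to check which address a client will get for an endpoint name. The function name `endpoint_records` is hypothetical, and it assumes that an ipX.ethY name with no matching VIP yields an endpoint equal to that IP, a case the note does not spell out.

```python
import ipaddress
import re

# Matches ipX.ethY.<domain> and vipX.ethY.<domain>; the domain is compared separately.
_NAME = re.compile(r"^(vip|ip)(\d+)\.eth(\d+)\.(.+)$")


def endpoint_records(records, domain="vr"):
    """Derive epX.ethY.<domain> names from ipX/vipX records, VIP taking precedence.

    `records` maps local-zone names to IPv4/IPv6 address strings. Names outside
    `domain`, or not matching the ip/vip pattern, are ignored.
    """
    chosen = {}  # (X, Y) -> (kind, address)
    for name, addr in records.items():
        m = _NAME.match(name.lower().rstrip("."))
        if not m or m.group(4) != domain.lower():
            continue
        kind, x, y = m.group(1), int(m.group(2)), int(m.group(3))
        address = str(ipaddress.ip_address(addr))  # raises ValueError on bad input
        current = chosen.get((x, y))
        # A VIP always replaces an IP; an IP never replaces a VIP.
        # Assumption: with no VIP present, the endpoint falls back to the IP.
        if current is None or (kind == "vip" and current[0] == "ip"):
            chosen[(x, y)] = (kind, address)
    return {
        f"ep{x}.eth{y}.{domain}": address
        for (x, y), (_, address) in sorted(chosen.items())
    }


# Constructed sample: the eth0 entries are the values used in the note,
# the eth1 entry (no VIP) is invented for illustration.
SAMPLE = {
    "ip0.eth0.vr": "1.2.3.4",
    "vip0.eth0.vr": "1.2.3.254",
    "ip0.eth1.vr": "172.20.0.2",
}

if __name__ == "__main__":
    for name, address in endpoint_records(SAMPLE).items():
        print(f"{name} -> {address}")
```

Pass the value of ONEAPP_VNF_DNS_CLUSTER_DOMAIN as `domain` when it differs from the default `vr`.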
