#netmaker
Title
# netmaker
m
melodic-spring-45645
07/04/2022, 2:09 PMWhat would be the recommended way for exposing a netmaker network's DNS to external clients?
j
jolly-london-20127
07/05/2022, 4:22 PMyou can set "default ext client dns" in the network settings by editing. Set this to the public IP of the netmaker server. Expose CoreDNS on port 53 of the machine. Then, any new ext client generated will have the IP added to dns settings. Also, if you have port_forward_services turned on in your server settings (env variables), it will forward port 53 on netmaker interfaces to coredns. This means you can use the private address of netmaker (e.g. 10.10.10.254) in the "default ext client dns"
m
melodic-spring-45645
07/05/2022, 4:24 PMGotcha, so when setting default ext client dns, it'll set the DNS server that the client will query?
j
jolly-london-20127
07/05/2022, 4:24 PMyes, but only for newly-generated ext clients. Existing ones will need to be re-generated
this basically just sets the DNS= field in a standard wg.conf file
m
melodic-spring-45645
07/05/2022, 4:25 PMgotcha, thanks
hmm, I manually added
DNS = x.x.x.xwith
x.x.x.xj
jolly-london-20127
07/05/2022, 4:32 PMsetting coredns as a public DNS server requires additional configuration beyond just opening port 53
m
melodic-spring-45645
07/05/2022, 4:35 PMyeah, I'm not bothered about it being a public server.
is it possible to route only specific domain searches through the wireguard dns setting, so that it only queries
machine.networkj
jolly-london-20127
07/05/2022, 4:38 PMi dont believe this is possible with pure wireguard config since this is split DNS
we do this on the netclient but for ext clients you would need your own implementation
m
melodic-spring-45645
07/05/2022, 4:40 PMbummer, modifying hosts file it is
on another note, is the https port used purely for the online ui or other functionalities also?
j
jolly-london-20127
07/05/2022, 4:45 PM443 is used by the UI, API, and MQTT traffic
m
melodic-spring-45645
07/05/2022, 5:00 PMcool thanks
2 Views