homelab/docs/DNS.md

# DNS Architecture
```mermaid
flowchart LR
subgraph External
recursor
GandiDns[ Gandi ducamps.win]
end
subgraph Internal
pihole[pihole]----ducamps.win-->NAS
pihole--service.consul-->consul[consul cluster]
DHCP --dynamic update--> NAS
NAS--service.consul-->consul
end
NAS --> recursor
pihole --> recursor
```
## Detail
The Pi-hole container in the Nomad cluster is set as the primary DNS and acts as the ad blocker. The secondary DNS is located on the NAS.

The DNS on the NAS manages the *ducamps.win* domain on the local network; Pi-hole forwards each request for *ducamps.win* to this DNS.

Each DNS forwards *service.consul* requests to the Consul cluster. On Pi-hole, a template configures each Consul server.

On the DiskStation, every request is forwarded to a single Consul node. This point needs to be improved, because it leaves the possibility of an outage. Due to a limitation of Synology DNSServer, we can only set a forward on port 53, so the target Consul node must redirect port 53 to 8300 with iptables rules.

A DHCP service is set up to perform dynamic updates on the NAS DNS when a lease is delivered.

The external recursors are at Cloudflare and FDN.
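
The forwarding chain described above can be modelled to see which names stay internal and which fall through to the external recursors. This is an added example, not code from the homelab repository; it assumes longest-suffix matching on label boundaries (as dnsmasq does for per-domain forwards), and the hop labels, `INTERNAL_SUFFIXES` and query names are constructed.

```python
# Added example: model of the forwarding rules described on this page.
# Zone names come from the page; hop labels and query names are constructed.

# Forward zones per resolver: suffix -> next hop. "." is the default route.
RULES = {
    "pihole": {"ducamps.win": "NAS", "service.consul": "consul", ".": "recursor"},
    "NAS": {"ducamps.win": "authoritative", "service.consul": "consul", ".": "recursor"},
}
# Assumption: names under these suffixes should never reach an external recursor.
INTERNAL_SUFFIXES = ("ducamps.win", "consul")


def _labels(name):
    """Split a DNS name into lowercase labels, ignoring a trailing dot."""
    return [part for part in name.lower().rstrip(".").split(".") if part]


def next_hop(resolver, qname):
    """Pick the next hop by longest-suffix match on whole labels."""
    q = _labels(qname)
    best, best_len = RULES[resolver]["."], 0
    for zone, hop in RULES[resolver].items():
        z = _labels(zone)
        if z and len(z) > best_len and q[-len(z):] == z:
            best, best_len = hop, len(z)
    return best


def resolve_path(qname, start="pihole"):
    """Follow forwards until a terminal hop (authoritative, consul, recursor)."""
    path, hop = [start], start
    while hop in RULES:
        hop = next_hop(hop, qname)
        path.append(hop)
    return path


def leaks(qname, start="pihole"):
    """True when an internal-looking name ends at the external recursors."""
    q = _labels(qname)
    internal = any(q[-len(_labels(s)):] == _labels(s) for s in INTERNAL_SUFFIXES)
    return internal and resolve_path(qname, start)[-1] == "recursor"


if __name__ == "__main__":
    for name in ("nas.ducamps.win", "web.service.consul", "n1.node.consul", "example.org"):
        print(name, resolve_path(name), "LEAK" if leaks(name) else "ok")
```

With only *service.consul* forwarded, a query such as the constructed `n1.node.consul` takes the default route and is reported as a leak.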