A removal of a too inclusive NAT rule on the firewall now exposes the
real ip of the staging servers (they were seen as the gateway).
They must be explicitly allowed to request the dns.
Details
Details
- Reviewers
ardumont - Group Reviewers
System administrators - Commits
- rSPSITE87af77517b68: Allow staging network to request internal dns
octocatalog-diff on pergamon
diff origin/production/pergamon.softwareheritage.org current/pergamon.softwareheritage.org
*******************************************
Bind::View[private] =>
parameters =>
match_clients =>
- ["192.168.100.0/24", "192.168.101.0/24", "192.168.200.0/21", "127.0.0.0/8", "::1/128"]
+ ["192.168.100.0/24", "192.168.101.0/24", "192.168.130.0/24", "192.168.200.0/21", "127.0.0.0/8", "::1/128"]
*******************************************
Concat::Fragment[bind-view-private] =>
parameters =>
content =>
@@ -4,4 +4,5 @@
192.168.100.0/24;
192.168.101.0/24;
+ 192.168.130.0/24;
192.168.200.0/21;
127.0.0.0/8;
*******************************************
Concat_fragment[bind-view-private] =>
parameters =>
content =>
@@ -4,4 +4,5 @@
192.168.100.0/24;
192.168.101.0/24;
+ 192.168.130.0/24;
192.168.200.0/21;
127.0.0.0/8;
*******************************************
*** End octocatalog-diff on pergamon.softwareheritage.orgDiff Detail
Diff Detail
- Repository
- rSPSITE puppet-swh-site
- Lint
Automatic diff as part of commit; lint not applicable. - Unit
Automatic diff as part of commit; unit tests not applicable.