Allow DNS zone transfers from ns1/ns2.opendev.org

This was likely missed in bootstrapping. Temporarily allow all authoritative slaves (opendev as well as openstack) to perform zone transfers over 53/tcp on either silent master nameserver. Change-Id: I68455a1d4fa5042da14b3c2e0747af00effad0da
2019-01-02 16:31:56 +00:00 · 2019-01-02 16:31:56 +00:00 · 49601213fe
commit 49601213fe
parent 83b493648a
1 changed files with 6 additions and 0 deletions
--- a/playbooks/group_vars/adns.yaml
+++ b/playbooks/group_vars/adns.yaml
@ -1,4 +1,10 @@
 iptables_extra_allowed_hosts:
+  - protocol: tcp
+    port: 53
+    hostname: ns1.opendev.org
+  - protocol: tcp
+    port: 53
+    hostname: ns2.opendev.org
  - protocol: tcp
    port: 53
    hostname: ns1.openstack.org