mirror of
https://github.com/dnscrypt/dnscrypt-server-docker
synced 2024-11-22 23:51:59 +01:00
Recommend --net=host
This commit is contained in:
parent
2dfb660640
commit
f292b9ff14
10
README.md
10
README.md
@ -22,13 +22,13 @@ Let's pick `example.com` here.
|
|||||||
|
|
||||||
Download, create and initialize the container, once and for all:
|
Download, create and initialize the container, once and for all:
|
||||||
|
|
||||||
$ docker run --name=dnscrypt-server -p 443:443/udp -p 443:443/tcp \
|
$ docker run --name=dnscrypt-server -p 443:443/udp -p 443:443/tcp --net=host \
|
||||||
jedisct1/unbound-dnscrypt-server init -N example.com
|
jedisct1/unbound-dnscrypt-server init -N example.com
|
||||||
|
|
||||||
This will only accept connections via DNSCrypt. Containers on the same virtual
|
This will only accept connections via DNSCrypt on the standard port (443).
|
||||||
network can directly access the DNS cache on the standard DNS port (53), but
|
|
||||||
to create a regular, non-authenticated public DNS resolver, this extra port
|
`--net=host` provides the best network performance, but may have to be
|
||||||
has to be explicitly exposed (`-p 53:53/udp -p 53:53/tcp`).
|
removed on some shared containers hosting services.
|
||||||
|
|
||||||
Now, to start the whole stack:
|
Now, to start the whole stack:
|
||||||
|
|
||||||
|
@ -27,7 +27,7 @@ sed \
|
|||||||
server:
|
server:
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
num-threads: @THREADS@
|
num-threads: @THREADS@
|
||||||
interface: 0.0.0.0@53
|
interface: 127.0.0.1@53
|
||||||
so-reuseport: yes
|
so-reuseport: yes
|
||||||
edns-buffer-size: 1252
|
edns-buffer-size: 1252
|
||||||
delay-close: 10000
|
delay-close: 10000
|
||||||
|
Loading…
Reference in New Issue
Block a user