1
1
mirror of https://github.com/dnscrypt/dnscrypt-server-docker synced 2024-11-22 23:51:59 +01:00

Recommend --net=host

This commit is contained in:
Frank Denis 2015-08-29 00:17:30 +02:00
parent 2dfb660640
commit f292b9ff14
2 changed files with 6 additions and 6 deletions

@ -22,13 +22,13 @@ Let's pick `example.com` here.
Download, create and initialize the container, once and for all: Download, create and initialize the container, once and for all:
$ docker run --name=dnscrypt-server -p 443:443/udp -p 443:443/tcp \ $ docker run --name=dnscrypt-server -p 443:443/udp -p 443:443/tcp --net=host \
jedisct1/unbound-dnscrypt-server init -N example.com jedisct1/unbound-dnscrypt-server init -N example.com
This will only accept connections via DNSCrypt. Containers on the same virtual This will only accept connections via DNSCrypt on the standard port (443).
network can directly access the DNS cache on the standard DNS port (53), but
to create a regular, non-authenticated public DNS resolver, this extra port `--net=host` provides the best network performance, but may have to be
has to be explicitly exposed (`-p 53:53/udp -p 53:53/tcp`). removed on some shared containers hosting services.
Now, to start the whole stack: Now, to start the whole stack:

@ -27,7 +27,7 @@ sed \
server: server:
verbosity: 1 verbosity: 1
num-threads: @THREADS@ num-threads: @THREADS@
interface: 0.0.0.0@53 interface: 127.0.0.1@53
so-reuseport: yes so-reuseport: yes
edns-buffer-size: 1252 edns-buffer-size: 1252
delay-close: 10000 delay-close: 10000