I once had a case where I had to bypass the institution's default DNS, because lots of important websites were blocked. But we are also not allowed to use a public DNS resolver like 1.1.1.1, etc.; if we use a public DNS, our internet is immediately disconnected. Therefore, here I will create a bastion container that uses the default gateway to a VPS and installs BIND9 as the DNS forwarder.
- Docker
- OVPN or any VPN client profile
- 1 Interface for Bridge to Router
- VM with Ubuntu Server for Host Container
- VM with 2 interfaces: `ens3` for the default link & `ens12` for the bridge BIND9 link
- Default gateway on `172.20.0.1`
- DNS IP will be `172.20.1.25`, which will forward to `1.1.1.1` & `8.8.4.4`
- I use this tutorial to create the BIND9 DNS forwarder
- Please adjust for your needs.
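```dockerfile
FROM ubuntu:20.04
# Install the OpenVPN client (curl is useful for checking the egress IP)
RUN apt update && \
    apt install openvpn curl -y
# Copy the VPN profile to the exact path the ENTRYPOINT reads
COPY client.ovpn /etc/openvpn/client.ovpn
# Bring the tunnel up as the container's main process
ENTRYPOINT [ "openvpn", "--config", "/etc/openvpn/client.ovpn" ]
```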
```bash
docker build -t bind9 .

docker network create -d ipvlan \
  --subnet 172.20.0.0/16 \
  --gateway 172.20.0.1 \
  -o parent=ens12 \
  forBind9

docker run -d --restart always --network forBind9 --ip 172.20.1.25 --name bind9 --cap-add NET_ADMIN --device=/dev/net/tun bind9
```
```bash
apt-get update
apt-get install bind9 bind9utils bind9-doc
```
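The forwarder configuration itself is not shown on this page, so the following is an added example (not from the original post or the tutorial it mentions) of `/etc/bind/named.conf.options`, the options file shipped by the Ubuntu `bind9` package. The addresses are the ones listed above; the ACL name `lan_clients` and the decision to limit recursion to the bridge subnet are assumptions, chosen so the forwarder does not answer as an open resolver.

```conf
// /etc/bind/named.conf.options
// Added example: forward-only resolver for the 172.20.0.0/16 bridge network.

// Hypothetical ACL name; lists the only clients allowed to query this server.
acl "lan_clients" {
    127.0.0.1;
    172.20.0.0/16;
};

options {
    directory "/var/cache/bind";

    // Listen only on loopback and the container's ipvlan address.
    listen-on { 127.0.0.1; 172.20.1.25; };
    listen-on-v6 { none; };

    // Recursion is needed for forwarding, but only for known clients.
    recursion yes;
    allow-query { lan_clients; };
    allow-recursion { lan_clients; };
    allow-transfer { none; };

    // Send every query to the upstream resolvers; never iterate from the roots.
    forwarders {
        1.1.1.1;
        8.8.4.4;
    };
    forward only;

    // Validate DNSSEC signatures on answers returned by the upstreams.
    dnssec-validation auto;
};
```

Run `named-checkconf` to validate the syntax before starting `named`.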
```bash
nc -vz 172.20.1.25 53
nc -vzu 172.20.1.25 53
```
Try it on your Linux machine or any other client:

```
nano /etc/resolv.conf
---
nameserver 172.20.1.25
---
```
Enjoy~