Skip to main content

How can we help you?

Search

help Knowledge Base
forum Community
checklist Release Notes
event Events

Install DNS Relay using VMware ESXi

Minetta Gould Community Team DNSFilter Staff
  • Edited

Follow this post to install the DNSFilter Relay via VMware ESXi.

Consult VMware's documentation for additional settings details and requirements.  

Prerequisites for setup

  • Recommended specs: 64-bit 2-core CPU; 2GB of RAM
  • Open these ports at the NSG level:
    • Port 53: Used for DNS (Domain Name System) traffic
    • Port 853: Used for DNS over TLS (DoT) traffic
    • Port 443: Used for HTTPS (Hypertext Transfer Protocol Secure) traffic
  • Create a Site in the DNSFilter dashboard to associate the Relay with. Copy the Site Secret Key from the Relay Install tab to complete the installation

Setup the Relay

  1. Download the Image: VMware 22.04, 3.7GB (ova)
    Login Credentials:
    Username: dnsfilter
    Password: ChangeMeNow!
  2. Import the Image file into VMware
  3. Update the default password using this command:passwd
  4. Use our in-app config tool to edit the relay.conf file or manually edit the relay.conf file using this command:sudo nano /etc/relay/relay.conf
    1. Edit these fields (crtl+o):
      1. Name. Must match the Site name set in the DNSFilter dashboard
      2. Site Secret Key. Copied from the dashboard
    2. Save these changes (return/enter) and exit the file (crtl+x)
  5. Confirm network settings are configured to run with the Relay: sudo nano /etc/netplan/00-installer-config.yaml
    1. Modify ethernet to the correct interface name to be discovered on the host. The most common within ESXi is ens33

       
    2. Choose how the network should obtain an IP:
       
      1. Use DHCP (default). This setting will work as long as the network firewall has a permanent DHCP lease for the MAC of the Virtual NIC of the ESXi container
      2. Assign a Static IP. Update the .yaml values:
        1. Add # before dhcp4: true
        2. Remove # before the next five lines
        3. Update addresses to reflect the Static IP e.g. 192.168.1.15/24 in the above image becomes 172.16.0.44/24
        4. Update gateway4 to the appropriate network gateway IP e.g. 192.168.1.1 in the above image becomes 172.16.0.1
      3. Save the file
    3. Run these commands as root to enable the changes. They will stick across boots:
      sudo netplan generate
      sudo netplan apply

  6. Run these commands:

    sudo systemctl enable docker.service

    sudo systemctl start docker.service
  7. Restart the VM 
  8. Run the ifconfig command to make sure it is picking up the correct IP
  9. Test the connection. Troubleshoot any errors as needed

  10. Start the docker relay with this command:
     

    sudo docker start relay1 relay2
  11. Confirm the status of the relays using this command:sudo docker ps

The setup is now complete and the Relay will begin filtering DNS traffic. 

Users running Vsphere that receive an error message during deployment see this post to resolve the issue.

0

Comments

0 comments

Please sign in to leave a comment.

New post

Featured posts