docs: add documentation for enabling reverse DNS lookup with systemd-resolved (#6731)

* Remove trailing whitespace in DNS forwarding guide. * Add example for enabling reverse lookup of IP addrseses to .consul domain on systemd-resolved platforms
2020-02-18 07:16:12 -06:00 · 2020-02-18 07:16:12 -06:00 · 2b54237e33
parent 0a239e49db
commit 2b54237e33
1 changed files with 22 additions and 14 deletions
--- a/website/source/docs/guides/forwarding.html.md
+++ b/website/source/docs/guides/forwarding.html.md
@ -185,8 +185,16 @@ Binding to port 53 will usually require running either as a privileged user (or
 CAP_NET_BIND_SERVICE capability). If using the Consul docker image you will need to add the following to the
 environment to allow Consul to use the port: `CONSUL_ALLOW_PRIVILEGED_PORTS=yes`

-Note: With this setup, PTR record queries will still be sent out
-to the other configured resolvers in addition to Consul. 
+Note: With this setup, PTR record queries will still be sent out to the other configured resolvers in
+addition to Consul. If you wish to restrict this behavior, your `resolved.conf` should be modified to
+
+```
+DNS=127.0.0.1
+Domains=~consul ~0.10.in-addr.arpa
+```
+
+where the example corresponds to reverse lookups of addresses in the IP range `10.0.0.0/16`. Your
+configuration should match your networks.

 ## iptables Setup