What is the name of the domain?
db.prod.svc.cluster.local
What is the issue you’re encountering
Unable to filter by k8s service domains
What steps have you taken to resolve the issue?
Creating a profile with an include split tunnel entry based on IPs work.
Adding a k8s service domain filter (*.svc.cluster.local) works in the wizard, however the actual DNS queries on the client fail.
Running on Arch Linux:
$ cat /etc/resolv.conf
# This file was generated by cloudflare-warp.
nameserver 127.0.2.2
nameserver 127.0.2.3
search lan
$ host server.prod.svc.cluster.local 127.0.2.2
Using domain server:
Name: 127.0.2.2
Address: 127.0.2.2#53
Aliases:
Host server.prod.svc.cluster.local not found: 3(NXDOMAIN)
This all works on the cloudflared machine:
# host server.prod.svc.cluster.local
server.prod.svc.cluster.local has address 10.1.45.172
What are the steps to reproduce the issue?
- Create a DNS domain that is only reachable from inside your network (resolves on the cloudflared machine inside the network, doesn’t resolve on the public Internet)
- Create a user profile for WARP (Settings > WARP client > new profile, after creating and applying to your user move to “Split Tunnels” > Include IPs and Domains, add the relevant domain
- Connect with WARP client and ensure profile applies (e.g. using
warp-cli settingsand checkingProfile ID) - Try and resolve the internal DNS domain (e.g. using
hostordig) - Instead of success, you get an error