Skip to content

DNS

Overview

dns.core.lef (instance np-dns) provides internal DNS resolution for the private cloud and VPN clients.

This VM runs on np-leftec-hipervisorA-1.

Purpose

Resolve internal hostnames (e.g., *.core.lef, *.db.lef).
Support split-horizon DNS where needed to avoid hairpin NAT issues.

Inventory

Item	Value
Provider	EVEO private cloud (VM)
Instance	`np-dns`
VMID (Proxmox)	`102`
OS	Debian 12
vCPU	2
RAM	512 MB
Disk	4 GB
LAN IP	`192.168.20.40`

Entry points

DNS admin UI: https://dns.core.lef (VPN/LAN required)
DNS service (resolver/forwarder): private network/VPN

Host entry	User	Purpose	Related
`np-dns`	`root`	DNS resolver/forwarder	Domains

DNS behavior (important)

VPN clients receive 192.168.20.40 (dns.core.lef) as a DNS resolver.
Technitium is configured as a recursive resolver for private networks only (default: “Recursion Only For Private Networks”).

Hosted services

DNS resolver/forwarder
DNS admin UI (zone/record management)

Dependencies

VPN access for collaborators (see VPN access).

Operational notes

Zone pages live under Domains.
Split-horizon guidance: see DNS split horizon.
Admin configuration is managed in Technitium at https://dns.core.lef/ (zones, apps like split-horizon, usage dashboard).
Credentials for the DNS admin UI are stored in Vault: see Vault (password manager).

Backup & recovery

This VM is backed up daily via EVEO (see np-leftec-hipervisorA-1).

Known risks / failure modes

DNS outages look like “everything is down” from inside VPN/LAN.
Split-horizon drift causes internal users to resolve public hostnames to public IPs.

Domains DNS split horizon Servers Servers & logins VPN access