UNCLASSIFIED - NO CUI

Skip to content

twistlock DNS netpol does not allow port 5353 for Openshift

twistlock DNS netpol does not allow port 5353 for Openshift

Looking at the DNS netpol here: https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/twistlock/-/blob/7dbd5f46e7e0b2c4e42d28504de48cfd59bd2cc7/chart/templates/networkpolicies/egress-kube-dns.yaml#L12 Only port 53 is allowed. Openshift needs port 5353 for DNS lookups.

Using BB 1.11.0, Openshift 4.6.4

UNCLASSIFIED - NO CUI