brynx97 10 hours ago

I had challenges with split-DNS in my homelab k3s cluster trying to do this. I ended up just putting the apps in docker-compose on a VM that has static routes for my local homelab networks. I looked at tailscale to solve this since it has a kubernetes operator, but tailscale doesn't fit my use cases or work well with all of my devices.

btreecat 10 hours ago | parent [-]

> I had challenges with split-DNS in my homelab k3s cluster trying to do this. I ended up just putting the apps in docker-compose on a VM that has static routes for my local homelab networks. I looked at tailscale to solve this since it has a kubernetes operator, but tailscale doesn't fit my use cases or work well with all of my devices.

I don't need tailscale for this, seems like overkill.

I would like to better understand why my combination of marked packets and SOCKS5 proxy are not fully working for certain UDP traffic. I also need to investigate if disabling ipv6 will help.

Using a VM or docker compose when I have k3s feels like admitting defeat without understanding why.

brynx97 5 hours ago | parent | next [-]

To each their own. I mostly figured out why, and I did not want to create too much tech debt in my homelab with brittle split-DNS and PostUp/PostUp wireguard configurations. I already had ansible and templates set up to move back to the VM and docker-compose. I did learn a fair bit on CoreDNS, so that was a worthwhile experiment.

btreecat 3 hours ago | parent [-]

I didn't mean for you, I meant for me. I have truenas providing storage to my cluster but can easily just run a VM there.

I think your approach is absolutely valid and didn't mean to seem like I was dismissive. Apologies.

baobun 9 hours ago | parent | prev [-]

> I would like to better understand why my combination of marked packets and SOCKS5 proxy are not fully working for certain UDP traffic

I think UDP support for SOCKS5 proxies and clients is very spotty, especially beyond DNS. Probably some bugs out there. That might go for UDP in more or less esoteric container networking setups too...

If everything else fails, I've had the least hassle with socat, as well as just chucking workloads in a full VM (if in a container, with --network=host) and using ip routes and policies.
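Added example, not code from anyone in this thread: a small SOCKS5 UDP ASSOCIATE probe (RFC 1928) that checks whether a given proxy actually grants UDP relaying, since "spotty UDP support" usually shows up as a REP=0x07 "command not supported" reply or a relay that silently drops datagrams. The proxy host/port passed to `probe_udp_associate` is an assumed placeholder, and the sample replies in the comments are constructed.

```python
import socket
import struct

SOCKS_VER, NO_AUTH, CMD_UDP_ASSOCIATE, ATYP_IPV4 = 0x05, 0x00, 0x03, 0x01
# RFC 1928 reply codes; 0x07 is what a TCP-only proxy answers to UDP ASSOCIATE
REP_TEXT = {0x00: "succeeded", 0x01: "general failure", 0x02: "not allowed by ruleset",
            0x03: "network unreachable", 0x04: "host unreachable", 0x05: "connection refused",
            0x06: "TTL expired", 0x07: "command not supported", 0x08: "address type not supported"}

def build_greeting():
    return bytes([SOCKS_VER, 1, NO_AUTH])  # VER, NMETHODS, METHODS (offer no-auth only)

def check_method_reply(data):
    if len(data) != 2 or data[0] != SOCKS_VER or data[1] != NO_AUTH:
        raise ValueError(f"unexpected method-selection reply {data.hex()}")

def build_udp_associate(client_ip="0.0.0.0", client_port=0):
    # VER CMD RSV ATYP DST.ADDR DST.PORT; 0.0.0.0:0 means "client source not known yet"
    return (bytes([SOCKS_VER, CMD_UDP_ASSOCIATE, 0x00, ATYP_IPV4])
            + socket.inet_aton(client_ip) + struct.pack("!H", client_port))

def parse_reply(data):
    # Returns the (BND.ADDR, BND.PORT) UDP relay endpoint, or raises with the REP reason
    if len(data) < 4 or data[0] != SOCKS_VER:
        raise ValueError(f"malformed reply {data.hex()}")
    if data[1] != 0x00:
        raise ValueError(f"UDP ASSOCIATE refused: {REP_TEXT.get(data[1], hex(data[1]))}")
    if data[3] == ATYP_IPV4 and len(data) == 10:
        return socket.inet_ntoa(data[4:8]), struct.unpack("!H", data[8:10])[0]
    if data[3] == 0x04 and len(data) == 22:  # IPv6 relay endpoint (matters if v6 is disabled)
        return socket.inet_ntop(socket.AF_INET6, data[4:20]), struct.unpack("!H", data[20:22])[0]
    raise ValueError(f"unsupported ATYP 0x{data[3]:02x} in reply")

def build_udp_datagram(dst_ip, dst_port, payload):
    # RSV(2) FRAG(1) ATYP DST.ADDR DST.PORT DATA; FRAG=0 since few relays support fragmentation
    return b"\x00\x00\x00" + bytes([ATYP_IPV4]) + socket.inet_aton(dst_ip) + struct.pack("!H", dst_port) + payload

def parse_udp_datagram(data):
    # Strips the relay header from a datagram sent back by the proxy; returns (src_ip, src_port, payload)
    if data[:3] != b"\x00\x00\x00" or data[3] != ATYP_IPV4:
        raise ValueError("unexpected relay header (fragmented or non-IPv4)")
    return socket.inet_ntoa(data[4:8]), struct.unpack("!H", data[8:10])[0], data[10:]

def probe_udp_associate(proxy_host, proxy_port, timeout=3.0):
    # Live check against a proxy (assumed address); the TCP control socket must stay open while relaying
    ctl = socket.create_connection((proxy_host, proxy_port), timeout=timeout)
    ctl.sendall(build_greeting()); check_method_reply(ctl.recv(2))
    ctl.sendall(build_udp_associate()); relay = parse_reply(ctl.recv(64))
    return ctl, relay
```

Send `build_udp_datagram(...)` to the returned relay endpoint over a plain UDP socket and run `parse_udp_datagram` on what comes back; if the proxy answers the ASSOCIATE but nothing ever returns, the relay is the dropping point rather than your packet marks.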