Hi all, hope you are all fine 🙂. I have probably a simple question regarding an RKE2 installation, but can’t really figuring out what is wrong. I have a very simple RKE2 cluster setup, 1 control-plane and 2 worker nodes in combination with the cilium CNI. Somehow pods running in this cluster aren’t able to resolve dns. Some information on the cluster: CoreDNS is running on two nodes control-plane-01 (pod-ip: 10.36.0.116) and worker-01 (pod-ip: 10.36.1.185) with a Service configured on 10.40.0.10 When running a multitool on each of the nodes a default

nslookup

fails with error

;; connection timed out; no servers could be reached

When running

nslookup <http://google.com|google.com> 10.36.0.116

from multitool running on the control-plane-01 host I get a valid response, running

nslookup <http://google.com|google.com> 10.36.1.185

it fails with the connection timed out error. Same behaviour when running this in the multitool pod on the worker-01 host. My guess is that our external firewall is blocking some connections, but I can’t find out which ports I should whitelist. I verified that all the ports mentioned on https://docs.rke2.io/install/requirements#inbound-network-rules (Kubernets specific ones and the Cilium ones) are open and allowed port 53 for TCP and UDP traffic between all the cluster hosts.