Internal Caching Nameserver Declaration - ghomem/legacy_puppet_infrastructure GitHub Wiki

To only allow requests from the node itself simply include the class in your node declaration:

(...)

include puppet_infrastructure::caching_nameserver

(...)

If the purpose of the server is to provide a VPN connection to users from an outside network, you will need to allow these requests from the outside:

(...)

lan_iface = 'br0'

include puppet_infrastructure::caching_nameserver
class { 'puppet_infrastructure::firewall_addon_caching_nameserver':
    lan_iface => $lan_iface
}

(...)

In both cases the dns nameserver of the machine should point to 127.0.0.1.