Merge pull request #68317 from subhtk/OCPBUG14840

skrthomas · web-flow · commit 90ae9d379df3 · 2023-12-14T10:48:14.000-05:00
OCPBUG#14840: Modified note related to egress firewall policy in how DNS resolution works section
diff --git a/modules/nw-egressnetworkpolicy-about.adoc b/modules/nw-egressnetworkpolicy-about.adoc
@@ -148,9 +148,9 @@ endif::ovn[]
 
 [NOTE]
 ====
-The egress firewall always allows pods access to the external interface of the node that the pod is on for DNS resolution.
+Using DNS names in your egress firewall policy does not affect local DNS resolution through CoreDNS.
 
-If you use domain names in your egress firewall policy and your DNS resolution is not handled by a DNS server on the local node, then you must add egress firewall rules that allow access to your DNS server's IP addresses. if you are using domain names in your pods.
+However, if your egress firewall policy uses domain names, and an external DNS server handles DNS resolution for an affected pod, you must include egress firewall rules that permit access to the IP addresses of your DNS server.
 ====
 
 ifdef::ovn[]
